CVE-2024-1302 Multiple Vulnerabilities in Badger Meter's Monitool

Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...

CVE-2024-1302 Multiple Vulnerabilities in Badger Meter's Monitool

Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...

CVE-2024-1301 Multiple Vulnerabilities in Badger Meter's Monitool

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...

CVE-2024-1301 Multiple Vulnerabilities in Badger Meter's Monitool

SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...

CVE-2024-1301

CVE-2024-1301 describes an SQL injection in Badger Meter Monitool affecting versions 4.6.3 and earlier. The vulnerability arises from allowably crafting input sent to the server via the j_username parameter, enabling a remote attacker to retrieve information stored in the database. Multiple conne...

PT-2024-17878 · Badger Meter · Badger Meter Monitool

Name of the Vulnerable Software and Affected Versions: Badger Meter Monitool versions up to 4.6.3 and earlier Description: The issue allows a local attacker to change the application's file parameter to a log file, obtaining sensitive information such as database credentials. Recommendations: For...

PT-2024-17897 · Badger Meter · Monitool

Name of the Vulnerable Software and Affected Versions: Badger Meter Monitool versions up to 4.6.3 and earlier Description: The issue is a cross-site scripting vulnerability that allows a remote attacker to send a specially crafted javascript payload to an authenticated user, potentially hijacking...

PT-2024-17887 · Badger Meter · Badger Meter Monitool

Name of the Vulnerable Software and Affected Versions: Badger Meter Monitool versions prior to 4.6.3 Description: The issue allows an authenticated attacker to retrieve any file from the device using the download-file functionality due to incorrectly limiting the path to a restricted directory...

PT-2024-17869 · Badger Meter · Badger Meter Monitool

Name of the Vulnerable Software and Affected Versions: Badger Meter Monitool versions 4.6.3 and earlier Description: A remote attacker could send a specially crafted SQL query to the server via the j username parameter and retrieve the information stored in the database. This issue allows an...