8 matches found
CVE-2026-4956 Shenzhen Ruiming Technology Streamax Crocus Parameter DevicePrint.do sql injection
A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...
CVE-2026-4955 Shenzhen Ruiming Technology Streamax Crocus OperateStatistic.do sql injection
A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...
Shenzhen Ruiming Streamax Crocus SQL注入漏洞
Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming. Version 1.3.44 of Shenzhen Ruiming Streamax Crocus contains an SQL injection vulnerability. This vulnerability arises from improper handling of the State parameter in the...
Shenzhen Ruiming Streamax Crocus 安全漏洞
Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming. Versions of Shenzhen Ruiming Streamax Crocus prior to 1.3.44 contained a security vulnerability. This vulnerability stemmed from improper handling of the State parameter in the file/RemoteFormat.do, whi...
EUVD-2025-34909
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out...
CVE-2025-11913 Shenzhen Ruiming Technology Streamax Crocus Service.do download path traversal
A vulnerability has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this vulnerability is the function Download of the file /Service.do?Action=Download. Such manipulation of the argument Path leads to path traversal. The attack can be launched remotely. The exploit h...
CVE-2025-11908
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out...
CVE-2025-11908 Shenzhen Ruiming Technology Streamax Crocus FileDir.do uploadFile unrestricted upload
A security flaw has been discovered in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. The affected element is the function uploadFile of the file /FileDir.do?Action=Upload. Performing manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out...