Lucene search
K

93 matches found

CNNVD
CNNVD
added 2024/04/04 12:0 a.m.6 views

Beijing Baichuo Smart S210 Management Platform 安全漏洞

Beijing Baichuo Smart S210 Management Platform is a multi-service security gateway intelligent management platform from Beijing Baichuo, China. A security vulnerability exists in the Beijing Baichuo Smart S210 Management Platform that could allow an attacker to obtain sensitive information via th...

6.5CVSS6.3AI score0.00172EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/03/07 12:0 a.m.3 views

Beijing Baichuo Smart S42 Security Breach

Beijing Baichuo Smart S42 is an Internet Behavior Management appliance from Beijing Baichuo, China. A security vulnerability exists in Beijing Baichuo Smart S42 v.S42, which originates from a file upload vulnerability. The vulnerability can be exploited to execute arbitrary code via the...

7.7CVSS7.8AI score0.00259EPSS
Exploits0References2
Prion
Prion
added 2024/02/27 1:15 p.m.18 views

Out-of-bounds

A vulnerability has been found in Beijing Baichuo Smart S42 Management Platform up to 20240219 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/userattestation.php. The manipulation of the argument hidwel leads to unrestricted upload. Th...

5.8CVSS7AI score0.02333EPSS
Exploits0References3
CVE
CVE
added 2024/02/27 1:0 p.m.129 views

CVE-2024-1918

CVE-2024-1918 affects Byzoro Smart S42 Management Platform (versions up to 20240219). The vulnerability concerns an unknown functionality in /useratte/userattestation.php where manipulation of the hidwel parameter enables unrestricted file uploads. The issue is exploitable remotely and has been d...

9.8CVSS4.9AI score0.02333EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2024/02/27 12:0 a.m.4 views

Beijing Baichuo Smart S42 Management Platform Code Issue Vulnerability

Beijing Baichuo Smart S42 is an Internet Behavior Management appliance from Beijing Baichuo, China. A code issue exists in Beijing Baichuo Smart S42 Management Platform 20240219 and prior versions, which originates from an unknown function in /useratte/userattestation.php that causes unrestricted...

9.8CVSS7.1AI score0.02333EPSS
Exploits0References5
Prion
Prion
added 2024/02/06 7:15 p.m.27 views

Sql injection

A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S20 Management Platform up to 20231120. This affects an unknown part of the file /sysmanage/sysmanageajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack...

5.8CVSS7.5AI score0.04612EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/02/06 6:31 p.m.59 views

CVE-2024-1254

Summary: CVE-2024-1254 affects Beijing Baichuo / Byzoro Smart S20 Management Platform up to 20231120. The vulnerability is in the file /sysmanage/sysmanageajax.php, where manipulation of the id parameter yields an SQL injection. Exploitation is possible remotely, and public exploits have been dis...

7.2CVSS7.2AI score0.04612EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2024/02/06 5:15 p.m.18 views

Out-of-bounds

A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument fileupload leads ...

5.8CVSS7AI score0.01696EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/02/06 5:0 p.m.61 views

CVE-2024-1253

CVE-2024-1253 affects Beijing Baichuo/Byzoro Smart S40 Management Platform up to 20240126. The issue is in the Import Handler’s file_upload handling for /useratte/web.php, where improper handling can cause unrestricted file upload. This enables remote exploitation with high impact to confidential...

7.2CVSS7AI score0.01696EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.5 views

Beijing Baichuo Smart S20 SQL Injection Vulnerability

The Beijing Baichuo Smart S20 is an Internet Behavior Management appliance from Beijing Baichuo, China. A SQL injection vulnerability exists in Beijing Baichuo Smart S20 Management Platform version 20231120 and prior versions, which stems from an incorrect operation of the parameter id that can...

7.2CVSS8.4AI score0.04612EPSS
Exploits1References5
Prion
Prion
added 2024/01/26 7:15 p.m.20 views

Out-of-bounds

A vulnerability has been found in Beijing Baichuo Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be initiat...

6.5CVSS7.2AI score0.43777EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/01/26 6:31 p.m.66 views

CVE-2024-0939

The CVE-2024-0939 entry concerns Byzoro Beijing Baichuo Smart S210 Management Platform (versions up to 20240117). The vulnerability lies in /Tool/uploadfile.php where manipulating the file_upload parameter allows unrestricted file uploads, enabling remote code execution and potentially compromisi...

9.8CVSS9.4AI score0.43777EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/01/26 12:0 a.m.7 views

PT-2024-15924 · Beijing Baichuo · Beijing Baichuo Smart S210 Management Platform

Name of the Vulnerable Software and Affected Versions: Beijing Baichuo Smart S210 Management Platform versions up to 20240117 Description: A critical vulnerability has been found in the Beijing Baichuo Smart S210 Management Platform. The issue affects the file /Tool/uploadfile.php, where the...

9.8CVSS6.5AI score0.43777EPSS
Exploits1References8
Prion
Prion
added 2024/01/19 3:15 p.m.16 views

Information disclosure

A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the...

2.1CVSS6.5AI score0.01208EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/01/19 3:0 p.m.157 views

CVE-2024-0716

CVE-2024-0716 affects Byzoro Smart S150 Management Platform v31R02B15, specifically the Backup File Handler component’s /log/download.php, where manipulation leads to information disclosure. The connected PT-2024-15776 entry provides concrete details: remote initiation is possible, attack complex...

5.3CVSS5AI score0.01208EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2024/01/19 2:15 p.m.18 views

Improper access control

A vulnerability was found in Beijing Baichuo Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The...

7.5CVSS7AI score0.03896EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/01/19 1:31 p.m.158 views

CVE-2024-0712

The CVE-2024-0712 entry concerns Byzoro/Beijing Baichuo Smart S150 Management Platform (V31R02B15). Affected is an unknown function in the file /useratte/inc/userattea.php, leading to improper access controls. The vulnerability is exploitable remotely, and public exploits have been disclosed. Mul...

9.8CVSS9.4AI score0.03896EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.3 views

Beijing Baichuo Smart S150 Information Disclosure Vulnerability

Beijing Baichuo Smart S150 is an Internet Behavior Management appliance from Beijing Baichuo, China. An information disclosure vulnerability exists in Beijing Baichuo Smart S150 Management Platform version V31R02B15, which originates from the file /log/download.php and can lead to information...

5.3CVSS6.2AI score0.01208EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/01/19 12:0 a.m.5 views

Beijing Baichuo Smart S150 Access Control Error Vulnerability

Beijing Baichuo Smart S150 is an Internet Behavior Management appliance from Beijing Baichuo, China. An access control error vulnerability exists in Beijing Baichuo Smart S150 Management Platform version V31R02B15, which originates from the file /useratte/inc/userattea.php that can lead to...

9.8CVSS6.8AI score0.03896EPSS
Exploits1References5
Prion
Prion
added 2024/01/08 6:15 a.m.18 views

Out-of-bounds

A vulnerability was found in Beijing Baichuo Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the argument...

6.5CVSS7AI score0.05703EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder