7 matches found
BSA Radar Information Disclosure (CVE-2020-14946)
An information disclosure vulnerability exists in BSA Radar. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
BSA Radar 1.6.7234.24750 Local File Inclusion
Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Date: 2020-07-08 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion Description: The Administrator section of th...
BSA Radar 1.6.7234.24750 - Local File Inclusion Vulnerability
Exploit for multiple platform in category web applications Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion...
BSA Radar 1.6.7234.24750 - Local File Inclusion
Exploit title: BSA Radar 1.6.7234.24750 - Local File Inclusion Date: 2020-07-08 Exploit Author: William Summerhill Vendor homepage: https://www.globalradar.com/ Version: BSA Radar - Version 1.6.7234.24750 and lower CVE-2020-14946 - Local File Inclusion Description: The Administrator section of th...
CVE-2020-14946
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath...
CVE-2020-14946
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath...
CVE-2020-14946
CVE-2020-14946 affects Global RADAR BSA Radar versions 1.6.7234.24750 and earlier. The vulnerability resides in the Administrator section of the Surveillance module via the /UC/downloadFile.ashx endpoint, where manipulating FileName and FilePath (in the URL or through a proxy) can disclose local ...