6 matches found
CVE-2025-34059
An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to properly sanitize user input, allowing unauthenticated attackers to inject arbitrary SQL statements...
CVE-2025-34059 Dahua Smart Cloud Gateway Registration Management Platform SQL Injection
An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to properly sanitize user input, allowing unauthenticated attackers to inject arbitrary SQL statements...
CVE-2025-34059 Dahua Smart Cloud Gateway Registration Management Platform SQL Injection
An SQL injection vulnerability exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the /index.php/User/doLogin endpoint. The application fails to properly sanitize user input, allowing unauthenticated attackers to inject arbitrary SQL statements...
CVE-2025-34059
The CVE-2025-34059 issue affects the Dahua Smart Cloud Gateway Registration Management Platform. Affected component is the login endpoint /index.php/User/doLogin where the username parameter is not sanitized, enabling SQL injection that could disclose sensitive information. Exploitation evidence ...
PT-2025-27542 · Dahua · Smart Cloud Gateway Registration Management Platform
Name of the Vulnerable Software and Affected Versions: Dahua Smart Cloud Gateway Registration Management Platform affected versions not specified Description: An SQL injection issue exists in the Dahua Smart Cloud Gateway Registration Management Platform via the username parameter in the...
Dahua Smart Cloud Gateway Registration Management 安全漏洞
Dahua Smart Cloud Gateway Registration Management is a cloud gateway registration platform from Dahua, China. A security vulnerability exists in Dahua Smart Cloud Gateway Registration Management, which is caused by SQL injection due to uncleared input in the /index.php/User/doLogin endpoint...