14 matches found
CVE-2026-2668
Affected product/component: Rongzhitong Visual Integrated Command and Dispatch Platform, specifically the User Handler component (file: /dm/dispatch/user/add). Root cause (as described): Improper access controls due to manipulation. Impact: Remote attacker could exploit this via a network attack ...
CVE-2024-2622
The CVE-2024-2622 entry concerns Fujian Kelixin Command and Dispatch Platform up to 20240318, with an SQL injection in /api/client/editemedia.php where the attacker can manipulate the number/enterprise_uuid parameter. This allows remote exploitation and has been disclosed publicly. Affected compo...
CVE-2024-2622 Fujian Kelixin Communication Command and Dispatch Platform editemedia.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterpriseuuid leads to sql injection. It is...
CVE-2024-2622 Fujian Kelixin Communication Command and Dispatch Platform editemedia.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318. It has been classified as critical. This affects an unknown part of the file /api/client/editemedia.php. The manipulation of the argument number/enterpriseuuid leads to sql injection. It is...
CVE-2024-2621 Fujian Kelixin Communication Command and Dispatch Platform pwd_update.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. The manipulation of the argument uuid leads to sql injection. The atta...
CVE-2024-2621
The vulnerability CVE-2024-2621 affects Fujian Kelixin Communication Command and Dispatch Platform (versions up to 20240318). The issue concerns an SQL injection in the file api/client/user/pwd_update.php, triggered by manipulating the uuid argument. Exploitation may be possible remotely and publ...
CVE-2024-2621 Fujian Kelixin Communication Command and Dispatch Platform pwd_update.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. The manipulation of the argument uuid leads to sql injection. The atta...
CVE-2024-2620 Fujian Kelixin Communication Command and Dispatch Platform down_file.php sql injection
A vulnerability has been found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this vulnerability is an unknown functionality of the file api/client/downfile.php. The manipulation of the argument uuid leads to sql injection. The...
CVE-2024-2620 Fujian Kelixin Communication Command and Dispatch Platform down_file.php sql injection
A vulnerability has been found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this vulnerability is an unknown functionality of the file api/client/downfile.php. The manipulation of the argument uuid leads to sql injection. The...
CVE-2024-2620
CVE-2024-2620 affects Fujian Kelixin Communication Command and Dispatch Platform (up to 20240318). Affected is the file api/client/down_file.php; manipulating the uuid parameter triggers a SQL injection. Exploitability is remote and exploit has been disclosed publicly (VDB-257197). Multiple sourc...
CVE-2024-2566
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/getextensionyl.php. The manipulation of the argument imei leads to sql...
CVE-2024-2566 Fujian Kelixin Communication Command and Dispatch Platform get_extension_yl.php sql injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/getextensionyl.php. The manipulation of the argument imei leads to sql...
CVE-2024-2566
The CVE-2024-2566 entry concerns Fujian Kelixin Communication Command and Dispatch Platform (up to 20240313). The vulnerability targets the file api/client/get_extension_yl.php, where manipulation of the imei parameter yields an SQL injection. Exploitation is described as remote. Public disclosur...
Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability
Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform from Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240313 and earlier versions, which stems from an incorrect operation of the parameter imei th...