131 matches found
Fujian Kelixin Communication - Command Injection
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this issue is some unknown functionality of the file api/client/user/pwdupdate.php. id: CVE-2024-2621 info: name: Fujian Kelixin Communication - Command...
CVE-2026-7519
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7519
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7519 Fujian Apex LiveBOS Endpoint UploadImage.do path traversal
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
EUVD-2026-26467
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7519 Fujian Apex LiveBOS Endpoint UploadImage.do path traversal
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7519
Technical details are not publicly available in the provided documents. Monitor for updates.
PT-2026-36261
Name of the Vulnerable Software and Affected Versions Fujian Apex LiveBOS versions prior to 2.1 Description A path traversal issue exists in the Endpoint component. A remote attacker can manipulate the filename argument in the '/feed/UploadImage.do' endpoint to access or overwrite files outside t...
CVE-2026-2820
A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...
CVE-2026-2821
A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-2821
A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-2821 Fujian Smart Integrated Management Platform System XCamera.ashx sql injection
A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-2821
CVE-2026-2821 affects Fujian Smart Integrated Management Platform System up to version 7.5. An issue in the /Module/CRXT/Controller/XCamera.ashx handler allows altering the ChannelName argument to trigger a SQL injection. This enables remote exploitation with no authentication required and has pu...
CVE-2026-2821 Fujian Smart Integrated Management Platform System XCamera.ashx sql injection
A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-2821
A weakness has been identified in Fujian Smart Integrated Management Platform System up to 7.5. Impacted is an unknown function of the file /Module/CRXT/Controller/XCamera.ashx. This manipulation of the argument ChannelName causes sql injection. Remote exploitation of the attack is possible. The...
CVE-2026-2820
A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...
CVE-2026-2820
The vulnerability CVE-2026-2820 affects Fujian Smart Integrated Management Platform System (firmware/version up to 7.5). The issue lies in processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx where manipulating the DeviceIDS argument triggers an SQL injection. Attack vector i...
CVE-2026-2820 Fujian Smart Integrated Management Platform System XAccessPermissionPlus.ashx sql injection
A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...
CVE-2026-2820 Fujian Smart Integrated Management Platform System XAccessPermissionPlus.ashx sql injection
A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...
CVE-2026-2820
A security flaw has been discovered in Fujian Smart Integrated Management Platform System up to 7.5. This issue affects some unknown processing of the file /Module/CRXT/Controller/XAccessPermissionPlus.ashx. The manipulation of the argument DeviceIDS results in sql injection. The attack may be...