21 matches found
Hisense TransTech Smart Bus Management System SQL Injection Vulnerability
Hisense TransTech Smart Bus Management System is an intelligent bus management system developed by China's Hisense company. The Hisense TransTech Smart Bus Management System versions 20260113 and earlier have a SQL injection vulnerability. This vulnerability stems from incorrect operations with t...
CVE-2026-1449 Hisense TransTech Smart Bus Management System TireMng.aspx Page_Load sql injection
A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function PageLoad of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack...
CVE-2026-1449
CVE-2026-1449 affects Hisense TransTech Smart Bus Management System up to 20260113. The vulnerability is in YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx, Page_Load, where manipulation of the request argument key can trigger a SQL injection. Remote exploitation is possible, and an exploit h...
EUVD-2019-6361
Malware in sbrugna...
EUVD-2019-6373
Malware in sbrugna...
CVE-2019-15372
The Hisense F17 Android device with a build fingerprint of Hisense/F174G/HS6739MT:8.1.0/O11019/HisenseF174G00S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify...
CVE-2019-15360
The Hisense U965 Android device with a build fingerprint of Hisense/U9654G10/HS6739MT:8.1.0/O11019/HisenseU9654G10S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...
global.hisense.com Cross Site Scripting vulnerability OBB-2618948
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
global.hisense.com Cross Site Scripting vulnerability OBB-2617978
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
global.hisense.com Cross Site Scripting vulnerability OBB-2555609
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Hisense A5 series cell phones have information leakage vulnerability
Hisense owns two listed companies in Shanghai, Shenzhen and Hong Kong, Hisense Video 600060 and Hisense Home Appliances 000921, and owns a number of brands such as Hisense, Toshiba, Gorenje, Kelon, Ronshen and ASKO. The information disclosure vulnerability exists in Hisense A5 series cell phones...
Denial of service vulnerability in Hisense Ethernet Passive Optical Fiber Access User Unit (EPON ONU) IP906H-FV1
Hisense Group Limited is an electronic information industry group company. A denial of service vulnerability exists in Hisense Ethernet Passive Optical Fiber Access User Unit EPON ONU IP906H-FV1, which can be exploited by attackers to cause a denial of service...
CVE-2019-15372
The Hisense F17 Android device with a build fingerprint of Hisense/F174G/HS6739MT:8.1.0/O11019/HisenseF174G00S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify...
CVE-2019-15360
The Hisense U965 Android device with a build fingerprint of Hisense/U9654G10/HS6739MT:8.1.0/O11019/HisenseU9654G10S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...
Authorization
The Hisense F17 Android device with a build fingerprint of Hisense/F174G/HS6739MT:8.1.0/O11019/HisenseF174G00S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify...
Authorization
The Hisense U965 Android device with a build fingerprint of Hisense/U9654G10/HS6739MT:8.1.0/O11019/HisenseU9654G10S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...
CVE-2019-15372
The CVE-2019-15372 entry concerns the Hisense F17 Android device, where a pre-installed app (package: com.mediatek.wfo.impl, versionCode 27, versionName 8.1.0) exposes an interface that lets any co-located app modify a system property without proper authorization. This is a local vulnerability wi...
CVE-2019-15372
The Hisense F17 Android device with a build fingerprint of Hisense/F174G/HS6739MT:8.1.0/O11019/HisenseF174G00S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to modify...
CVE-2019-15360
The Hisense U965 Android device with a build fingerprint of Hisense/U9654G10/HS6739MT:8.1.0/O11019/HisenseU9654G10S01:user/release-keys contains a pre-installed app with a package name of com.mediatek.wfo.impl app versionCode=27, versionName=8.1.0 that allows any app co-located on the device to...
CVE-2019-15360
The CVE-2019-15360 entry applies to Hisense U965 devices (build Hisense/U965_4G_10/HS6739MT:8.1.0). A pre-installed app with package name com.mediatek.wfo.impl (versionCode 27, versionName 8.1.0) exposes an interface that lets any co-located app modify a system property without proper authorizati...