Lucene search
K

6 matches found

Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.347 views

C-MOR Video Surveillance 5.2401 / 6.00PL01 Command Injection

Advisory ID: SYSS-2024-030 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: OS Command Injection CWE-78 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution...

7.4AI score0.02612EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/06 12:0 a.m.318 views

C-MOR Video Surveillance 5.2401 / 6.00PL01 SQL Injection

Advisory ID: SYSS-2024-023 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: SQL Injection CWE-89 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05 Solution Date: -...

8.1CVSS7.1AI score0.01306EPSS
Exploits2
ICS
ICS
added 2023/10/05 6:0 a.m.51 views

Qognify NiceVision

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor : Qognify Equipment : NiceVision Vulnerability : Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive...

10CVSS9.5AI score0.00494EPSS
Exploits0References8
Exploit DB
Exploit DB
added 2021/01/27 12:0 a.m.297 views

STVS ProVision 5.9.10 - File Disclosure (Authenticated)

Exploit Title: STVS ProVision 5.9.10 - File Disclosure Authenticated Date: 19.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.stvs.ch STVS ProVision 5.9.10 archive.rb Authenticated File Disclosure Vulnerability Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2021/01/27 12:0 a.m.407 views

STVS ProVision 5.9.10 - Cross-Site Request Forgery (Add Admin)

Exploit Title: STVS ProVision 5.9.10 - Cross-Site Request Forgery Add Admin Date: 19.01.2021 Exploit Author: LiquidWorm Vendor Homepage: http://www.stvs.ch STVS ProVision 5.9.10 Cross-Site Request Forgery Add Admin Vendor: STVS SA Product web page: http://www.stvs.ch Platform: Ruby Affected...

7.4AI score
Exploits0
0day.today
0day.today
added 2020/12/24 12:0 a.m.36 views

Arteco Web Client DVR/NVR Session Hijacking Vulnerability

The session identifier used by Arteco Web Client DVR/NVR is of an insufficient length and can be brute forced, allowing a remote attacker to obtain a valid session, bypass authentication, and disclose the live camera stream. !/usr/bin/env python3 Arteco Web Client DVR/NVR 'SessionId' Cookie Brute...

7.3AI score
Exploits0
Rows per page
Query Builder