21 matches found
EUVD-2020-30830
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows normal users to escalate privileges by manipulating the 'ftgrp' parameter. Attackers can send a GET request to /html/user with 'ftgrp' set to integer value '3' to gain super admin rights without...
EUVD-2020-30831
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without proper request validation. Attackers can craft a malicious web page that submits a form to the /query/user/itSet endpoint to add a new...
CVE-2020-36902
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows normal users to escalate privileges by manipulating the 'ftgrp' parameter. Attackers can send a GET request to /html/user with 'ftgrp' set to integer value '3' to gain super admin rights without...
CVE-2020-36902
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows normal users to escalate privileges by manipulating the 'ftgrp' parameter. Attackers can send a GET request to /html/user with 'ftgrp' set to integer value '3' to gain super admin rights without...
CVE-2020-36901
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without proper request validation. Attackers can craft a malicious web page that submits a form to the /query/user/itSet endpoint to add a new...
CVE-2020-36902 UBICOD Medivision Digital Signage 1.5.1 Authorization Bypass via User Privileges
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows normal users to escalate privileges by manipulating the 'ftgrp' parameter. Attackers can send a GET request to /html/user with 'ftgrp' set to integer value '3' to gain super admin rights without...
CVE-2020-36902 UBICOD Medivision Digital Signage 1.5.1 Authorization Bypass via User Privileges
UBICOD Medivision Digital Signage 1.5.1 contains an authorization bypass vulnerability that allows normal users to escalate privileges by manipulating the 'ftgrp' parameter. Attackers can send a GET request to /html/user with 'ftgrp' set to integer value '3' to gain super admin rights without...
CVE-2020-36901 UBICOD Medivision Digital Signage 1.5.1 Cross-Site Request Forgery via User Management
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without proper request validation. Attackers can craft a malicious web page that submits a form to the /query/user/itSet endpoint to add a new...
CVE-2020-36901 UBICOD Medivision Digital Signage 1.5.1 Cross-Site Request Forgery via User Management
UBICOD Medivision Digital Signage 1.5.1 contains a cross-site request forgery vulnerability that allows attackers to create administrative user accounts without proper request validation. Attackers can craft a malicious web page that submits a form to the /query/user/itSet endpoint to add a new...
CVE-2020-36901
Summary of CVE-2020-36901 (UBICOD Medivision Digital Signage 1.5.1) : A cross-site request forgery (CSRF) vulnerability exists in Medivision Digital Signage 1.5.1 that allows an attacker to create administrative user accounts without proper request validation. The attack involves a malicious page...
UBICOD Medivision Digital Signage 安全漏洞
UBICOD Medivision Digital Signage is a digital signage software for healthcare environments from UBICOD Medivision, a South Korean company. A security vulnerability exists in UBICOD Medivision Digital Signage version 1.5.1, which stems from an authorization bypass in the ftgrp parameter, which ma...
UBICOD Medivision Digital Signage 跨站请求伪造漏洞
UBICOD Medivision Digital Signage is a digital signage software for healthcare environments from UBICOD Medivision, a South Korean company. A cross-site request forgery vulnerability exists in UBICOD Medivision Digital Signage version 1.5.1, which stems from a lack of request validation and could...
UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery (Add Admin)
Title: UBICOD Medivision Digital Signage 1.5.1 - Cross-Site Request Forgery Add Admin Date: 2020-07-23 Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A input type="hidden" name="aai...
UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass
Title: UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Date: 2020-07-23 Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr Affected version: Firmware 1.5.1 2013.01.3...
UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Vulnerability
Exploit for hardware platform in category web applications Title: UBICOD Medivision Digital Signage 1.5.1 - Authorization Bypass Author: LiquidWorm Product web page: http://www.medivision.co.kr CVE: N/A Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr...
UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation Vulnerability
UBICOD Medivision Digital Signage version 1.5.1 suffers from a privilege escalation vulnerability that is leveraged via authorization bypass. UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation Through Authorization Bypass Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page:...
UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation
UBICOD Medivision Digital Signage 1.5.1 Privilege Escalation Through Authorization Bypass Vendor: UBICOD Co., Ltd. | MEDIVISION INC. Product web page: http://www.medivision.co.kr Affected version: Firmware 1.5.1 2013.01.3 Summary: Medivision is a service that provides everything from DID operatio...
UBICOD Medivision Digital Signage 1.5.1 Cross Site Request Forgery
input type="hi...
UBICOD Medivision Digital Signage 1.5.1 Cross Site Request Forgery Vulnerability
Exploit for php platform in category web applications...
UBICOD Medivision Digital Signage 1.5.1 CSRF Add Super Admin
Summary Medivision is a service that provides everything from DID operation to development of DID Digital Information Display optimized for hospital environment and production of professional contents, through DID product installation, image, video content planning, design work, and remote contro...