7 matches found
CVE-2024-0716
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...
CVE-2024-0716 Byzoro Smart S150 Management Platform Backup File download.php information disclosure
A vulnerability classified as problematic has been found in Byzoro Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack...
CVE-2024-0716
CVE-2024-0716 affects Byzoro Smart S150 Management Platform v31R02B15, specifically the Backup File Handler component’s /log/download.php, where manipulation leads to information disclosure. The connected PT-2024-15776 entry provides concrete details: remote initiation is possible, attack complex...
Improper access control
A vulnerability was found in Beijing Baichuo Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The...
CVE-2024-0712 Byzoro Smart S150 Management Platform userattea.php access control
A vulnerability was found in Byzoro Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit...
CVE-2024-0300 Byzoro Smart S150 Management Platform HTTP POST Request userattestation.php unrestricted upload
A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the argument webimg lead...
CVE-2024-0300
CVE-2024-0300 affects Beijing Baichuo/ Byzoro Smart S150 Management Platform up to version 20240101. The issue lies in the HTTP POST Request Handler, specifically the /useratte/userattestation.php component, where manipulating the web_img (or web img) parameter enables unrestricted file upload. T...