27 matches found
SOCA Access Control System 跨站脚本漏洞
SOCA Access Control System is an access control system from SOCA. A cross-site scripting vulnerability exists in SOCA Access Control System version 180612, which stems from improper cleanup of the senddata parameter in the loggedpage.php file, which could lead to a cross-site scripting attack...
CVE-2019-25270 SOCA Access Control System 180612 Reflected Cross-Site Scripting via logged_page.php
SOCA Access Control System 180612 contains a cross-site scripting vulnerability in the 'senddata' POST parameter of loggedpage.php that allows attackers to inject malicious scripts. Attackers can exploit this weakness by sending crafted POST requests to execute arbitrary HTML and script code in a...
CVE-2018-25128
SOCA Access Control System 180612 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through unvalidated POST parameters. Attackers can bypass authentication, retrieve password hashes, and gain administrative access with full system privileges by...
CVE-2018-25127
SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that submit forged requests to create admin accounts by tricking logged-in users...
CVE-2018-25129
CVE-2018-25129 affects the SOCA Access Control System (version 180612). The issue is insecure direct object references that allow access to sensitive credentials via unprotected endpoints Get_Permissions_From_DB.php and Ac10_ReadSortCard, enabling retrieval of password hashes and pins. Affected c...
CVE-2018-25127
CVE-2018-25127 affects SOCA Access Control System 180612. The issue is a cross-site request forgery in the admin interface caused by lack of proper request validation, allowing forged requests to create admin accounts when a user visits a malicious page. Affected component: admin interface/API en...
CVE-2018-25127 SOCA Access Control System 180612 Cross-Site Request Forgery via Admin Interface
SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that submit forged requests to create admin accounts by tricking logged-in users...
CVE-2018-25128
The CVE-2018-25128 entry concerns the SOCA Access Control System 180612, where unvalidated POST parameters enable multiple SQL injection flaws in Login.php and Card_Edit_GetJson.php. The root cause is injection into queries, allowing attackers to bypass authentication, retrieve password hashes, a...
SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)
SOCA Access Control System 180612 - Cross-Site Request Forgery Add Admin SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximit...
SOCA Access Control System 180612 - Information Disclosure
SOCA Access Control System 180612 - Information Disclosure SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and...
SOCA Access Control System 180612 CSRF Add Admin Exploit
Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...
SOCA Access Control System 180612 SQL Injection
SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and...
SOCA Access Control System 180612 Reflected Cross-Site Scripting
Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...
SOCA Access Control System 180612 Cross Site Request Forgery
SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...
SOCA Access Control System 180612 - Information Disclosure
Exploit for php platform in category web applications SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint...
SOCA Access Control System 180612 - CSRF (Add Admin) Vulnerability
Exploit for php platform in category web applications SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint...
SOCA Access Control System 180612 Information Disclosure
SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and attendance, electric...
SOCA Access Control System 180612 SQL Injection And Authentication Bypass
Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...
SOCA Access Control System 180612 Information Disclosure
Summary The company's products include proximity and fingerprint access control system, time and attendance, electric locks, card reader and writer, keyless entry system and other 30 specialized products. All products are attractively designed with advanced technology in accordance with users'...
SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)
SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...