Lucene search
K

27 matches found

CNNVD
CNNVD
added 2026/01/08 12:0 a.m.4 views

SOCA Access Control System 跨站脚本漏洞

SOCA Access Control System is an access control system from SOCA. A cross-site scripting vulnerability exists in SOCA Access Control System version 180612, which stems from improper cleanup of the senddata parameter in the loggedpage.php file, which could lead to a cross-site scripting attack...

6.1CVSS6AI score0.00198EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/07 11:11 p.m.29 views

CVE-2019-25270 SOCA Access Control System 180612 Reflected Cross-Site Scripting via logged_page.php

SOCA Access Control System 180612 contains a cross-site scripting vulnerability in the 'senddata' POST parameter of loggedpage.php that allows attackers to inject malicious scripts. Attackers can exploit this weakness by sending crafted POST requests to execute arbitrary HTML and script code in a...

6.1CVSS0.00198EPSS
Exploits1References5
NVD
NVD
added 2025/12/24 8:15 p.m.14 views

CVE-2018-25128

SOCA Access Control System 180612 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through unvalidated POST parameters. Attackers can bypass authentication, retrieve password hashes, and gain administrative access with full system privileges by...

9.3CVSS0.00354EPSS
Exploits1References3
NVD
NVD
added 2025/12/24 8:15 p.m.13 views

CVE-2018-25127

SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that submit forged requests to create admin accounts by tricking logged-in users...

5.3CVSS0.00191EPSS
Exploits1References3
CVE
CVE
added 2025/12/24 7:27 p.m.12 views

CVE-2018-25129

CVE-2018-25129 affects the SOCA Access Control System (version 180612). The issue is insecure direct object references that allow access to sensitive credentials via unprotected endpoints Get_Permissions_From_DB.php and Ac10_ReadSortCard, enabling retrieval of password hashes and pins. Affected c...

7.5CVSS6.7AI score0.00308EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/24 7:27 p.m.37 views

CVE-2018-25127 SOCA Access Control System 180612 Cross-Site Request Forgery via Admin Interface

SOCA Access Control System 180612 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without proper request validation. Attackers can craft malicious web pages that submit forged requests to create admin accounts by tricking logged-in users...

5.3CVSS0.00191EPSS
Exploits1References3
CVE
CVE
added 2025/12/24 7:27 p.m.5 views

CVE-2018-25127

CVE-2018-25127 affects SOCA Access Control System 180612. The issue is a cross-site request forgery in the admin interface caused by lack of proper request validation, allowing forged requests to create admin accounts when a user visits a malicious page. Affected component: admin interface/API en...

5.3CVSS6.4AI score0.00191EPSS
Exploits1References3
CVE
CVE
added 2025/12/24 7:27 p.m.18 views

CVE-2018-25128

The CVE-2018-25128 entry concerns the SOCA Access Control System 180612, where unvalidated POST parameters enable multiple SQL injection flaws in Login.php and Card_Edit_GetJson.php. The root cause is injection into queries, allowing attackers to bypass authentication, retrieve password hashes, a...

9.3CVSS7.9AI score0.00354EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2019/05/13 12:0 a.m.87 views

SOCA Access Control System 180612 Cross Site Request Forgery

SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2019/05/13 12:0 a.m.53 views

SOCA Access Control System 180612 - Information Disclosure

SOCA Access Control System 180612 - Information Disclosure SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/13 12:0 a.m.94 views

SOCA Access Control System 180612 SQL Injection

SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/13 12:0 a.m.94 views

SOCA Access Control System 180612 Information Disclosure

SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and attendance, electric...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/05/13 12:0 a.m.85 views

SOCA Access Control System 180612 - CSRF (Add Admin) Vulnerability

Exploit for php platform in category web applications SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/05/13 12:0 a.m.50 views

SOCA Access Control System 180612 - SQL Injection Vulnerability

Exploit for php platform in category web applications SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity...

Exploits0
exploitpack
exploitpack
added 2019/05/13 12:0 a.m.39 views

SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)

SOCA Access Control System 180612 - Cross-Site Request Forgery Add Admin SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximit...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2019/05/13 12:0 a.m.52 views

SOCA Access Control System 180612 - SQL Injection

SOCA Access Control System 180612 - SQL Injection SOCA Access Control System 180612 SQL Injection And Authentication Bypass Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and...

1AI score
Exploits0
Packet Storm
Packet Storm
added 2019/05/13 12:0 a.m.94 views

SOCA Access Control System 180612 Cross Site Scripting

SOCA Access Control System 180612 Reflected Cross-Site Scripting Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and attendance,...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.265 views

SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)

SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2019/05/13 12:0 a.m.114 views

SOCA Access Control System 180612 - Information Disclosure

SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint access control system, time and attendance, electric...

7AI score
Exploits0
0day.today
0day.today
added 2019/05/13 12:0 a.m.55 views

SOCA Access Control System 180612 - Information Disclosure

Exploit for php platform in category web applications SOCA Access Control System 180612 Information Disclosure Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include proximity and fingerprint...

7.4AI score
Exploits0
Rows per page
Query Builder