21 matches found
EUVD-2019-4311
Malware in sbrugna...
EUVD-2019-4310
Malware in sbrugna...
CVE-2019-12719
An issue was discovered in PictureManagemvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter...
CVE-2019-12720
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvcsendmail.aspx MailAdd parameter SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picturemanagemvc.aspx plantno parameter, the...
AUO SunVeillance Monitoring System Code Issue Vulnerabilities
AUO SunVeillance Monitoring System is an intelligent cloud-based PV monitoring solution from AUO Taiwan. AUO SunVeillance Monitoring System v1.1.9e is vulnerable to a code issue in the PictureManagemvc.aspx file. An attacker can exploit this vulnerability to upload files via modified authorizatio...
CVE-2019-12719
An issue was discovered in PictureManagemvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter...
CVE-2019-12720
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvcsendmail.aspx MailAdd parameter SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picturemanagemvc.aspx plantno parameter, the...
CVE-2019-12719
An issue was discovered in PictureManagemvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter...
CVE-2019-12720
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvcsendmail.aspx MailAdd parameter SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picturemanagemvc.aspx plantno parameter, the...
Sql injection
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvcsendmail.aspx MailAdd parameter SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picturemanagemvc.aspx plantno parameter, the...
CVE-2019-12720
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvcsendmail.aspx MailAdd parameter SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picturemanagemvc.aspx plantno parameter, the...
CVE-2019-12720
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to SQL Injection in mvc_send_mail.aspx (MailAdd parameter). The issue also affects the picture_manage_mvc.aspx (plant_no), swapdl_mvc.aspx (plant_no), and account_management.aspx (Text_Postal_Code, Text_Dis_Code) parameters. Attacker...
CVE-2019-12719
An issue was discovered in PictureManagemvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter...
CVE-2019-12719
The CVE-2019-12719 entry concerns AUO SunVeillance Monitoring System, specifically Picture_Manage_mvc.aspx. Affected version: before v1.1.9e. Root cause: incorrect access control that can be bypassed via a modified authority parameter. Consequence: unauthenticated attacker can upload files, indic...
AUO SunVeillance Monitoring System 1.1.9e - (MailAdd) SQL Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: ...
AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control
Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: It is a proprietary devices:...
AUO SunVeillance Monitoring System 1.1.9e Incorrect Access Control
Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: It is a proprietary devices:...
AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control
Exploit for hardware platform in category web applications Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on:...
AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control
AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - Incorrect Access Control Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions...
AUO SunVeillance Monitoring System 1.1.9e SQL Injection
Exploit Title: AUO SunVeillance Monitoring System 1.1.9e - 'MailAdd' SQL Injection Date: 2019-10-24 Exploit Author: Luca.Chiou Vendor Homepage: https://www.auo.com/zh-TW Version: AUO SunVeillance Monitoring System all versions prior to v1.1.9e Tested on: It is a proprietary devices:...