6 matches found
EUVD-2021-12778
Malware in sbrugna...
CVE-2021-25898
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server...
CVE-2021-25898
An issue was discovered in svc-login.php in Void Aural Rec Monitor 9.0.0.1. Passwords are stored in unencrypted source-code text files. This was noted when accessing the svc-login.php file. The value is used to authenticate a high-privileged user upon authenticating with the server...
CVE-2021-25899
Void Aural Rec Monitor 9.0.0.1 contains a SQL injection in svc-login.php (param1) exploitable via blind time-based requests. An unauthenticated attacker can trigger the vulnerability to potentially read data, modify data, and perform unauthorized administrative actions. No exploit details are pro...
CVE-2021-25898
The CVE-2021-25898 entry relates to Void Aural Rec Monitor 9.0.0.1, where passwords are stored in unencrypted source-code text files within svc-login.php. This creates an information-disclosure risk because the credential value is used to authenticate a high-privileged user when accessing the ser...
Void Aural Rec Monitor SQL注入漏洞
Void Aural Rec Monitor is an application from the Spanish company Void. Aural Rec Monitor version 9.0.0.1 suffers from a SQL injection vulnerability, which originates in svc-login.php, where an unauthenticated attacker sends a crafted HTTP request to perform a blind time-based SQL injection...