Riasztások

A vulnerability has been found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /applyleave.php. The...

A vulnerability was found in Campcodes Employee Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /process/aprocess.php. The...

A vulnerability was found in Campcodes Employee Management System 1.0. It has been classified as critical. This affects an unknown part of the file /changepassemp.php. The manipulation of the...

A cross-site request forgery (CSRF) vulnerability exists in the web interface of AVTECH IP camera, DVR, and NVR devices. An attacker can craft malicious requests that, when executed in the context...

A server-side request forgery vulnerability exists in multiple firmware versions of AVTECH DVR devices that exposes the /cgi-bin/nobody/Search.cgi?action=cgi_query endpoint without authentication....

An unauthenticated information disclosure vulnerability exists in AVTECH IP cameras, DVRs, and NVRs via Machine.cgi?action=get_capability. Sensitive internal device information such as firmware...

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd web server. The strstr() function is used to identify ".cab" requests, allowing any URL containing...

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgi_query. The use of wget without input sanitization allows attackers to inject shell commands...

An OS command injection vulnerability exists in AVTECH DVR, NVR, and IP camera devices within the adcommand.cgi endpoint, which interfaces with the ActionD daemon. Authenticated users can invoke...

An OS command injection vulnerability exists in AVTECH IP camera, DVR, and NVR devices via the PwdGrp.cgi endpoint, which handles user and group management operations. Authenticated users can...