CVE-2019-12720

Published: Nov 12, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://drive.google.com/file/d/1QYgj4FU0MjSIhgXwddg4L5no9KYn8E9v/view

x_refsource_MISC

https://www.exploit-db.com/exploits/47542

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-12720

Description

Affected Products

References