Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Sfcyazilim Subscribe
Filtered by product Sonlogger
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-27964 1 Sfcyazilim 1 Sonlogger 2024-11-21 7.5 HIGH 9.8 CRITICAL
SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file.
CVE-2021-27963 1 Sfcyazilim 1 Sonlogger 2024-11-21 6.4 MEDIUM 8.2 HIGH
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or session header.

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024