Data

Tools

Indexes

Applications

Experiments

Repos

An open API service providing repository metadata for many open source software ecosystems.

GitHub topics: asweb

DRAGOWN/CVE-2024-56901

CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Admin accounts via a crafted POST request.

Size: 17.6 KB - Last synced at: 29 days ago - Pushed at: 29 days ago - Stars: 0 - Forks: 0

DRAGOWN/CVE-2024-56898

CVE-2024-56898 - Broken access control vulnerability in GeoVision GV-ASManager web application with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they aren't authorized to, which can be leveraged to escalate privileges, create, modify or delete accounts.

Size: 13.7 KB - Last synced at: 29 days ago - Pushed at: 29 days ago - Stars: 0 - Forks: 0

DRAGOWN/CVE-2024-56902

CVE-2024-56902 - Information disclosure vulnerability in GeoVision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password.

Size: 11.7 KB - Last synced at: 29 days ago - Pushed at: 29 days ago - Stars: 1 - Forks: 0

DRAGOWN/CVE-2024-56903

CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows attackers to modify POST requests with GET in critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack.

Size: 12.7 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

Related Keywords
asmanager 4 asweb 4 geovision 4 csrf 2 escalation 2 privilege 2 cve-2024-56903 1 password 1 information 1 disclosure 1 cve-2024-56902 1 cleartext 1 cve-2024-56898 1 control 1 broken 1 bac 1 access 1 http-method-manipulation 1 cve-2024-56901 1