← Back

Auo

auo

4 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Solar Data Recorder
solar_data_recorder
2 CVEs
Sunveillance Monitoring System & Data Recorder
sunveillance_monitoring_system_&_data_recorder
2 CVEs

CVEs (4)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-12720
1Auo
1Sunveillance Monitoring System & Data Recorder
Jun 17, 2026
Nov 12, 2019
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileg...Show more
AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters.Show less
CVE-2019-12719
1Auo
1Sunveillance Monitoring System & Data Recorder
Jun 17, 2026
Nov 12, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a mod...Show more
An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter.Show less
CVE-2019-11368
1Auo
1Solar Data Recorder
Jun 17, 2026
Jun 3, 2019
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via the protect/config.htm addr parameter.
CVE-2019-11367
1Auo
1Solar Data Recorder
Jun 17, 2026
Jun 3, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password,...Show more
An issue was discovered in AUO Solar Data Recorder before 1.3.0. The web portal uses HTTP Basic Authentication and provides the account and password in the WWW-Authenticate attribute. By using this account and password, anyone can login successfully.Show less