Product:

Sonlogger

(Sfcyazilim)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 2
Date Id Summary Products Score Patch Annotated
2021-03-05 CVE-2021-27963 SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or session header. Sonlogger 8.2
2021-03-05 CVE-2021-27964 SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File Upload. An attacker can send a POST request to /Config/SaveUploadedHotspotLogoFile without any authentication or session header. There is no check for the file extension or content of the uploaded file. Sonlogger 9.8