CVE-2024-6188 | Parsec Automation TrackSYS 11.x.x pagedefinition ID direct request

Posted by Angelo Barbosa | Jun 20, 2024 | CVE

A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request.

The identification of this vulnerability is CVE-2024-6188. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6188 | Parsec Automation TrackSYS 11.x.x pagedefinition ID direct request

Related Posts

CVE-2024-10758 | code-projects/anirbandutta9 Content Management System/News-Buzz 1.0 /index.php user_name sql injection

CVE-2024-29014 | SonicWALL NetExtender up to 10.2.339 on Windows EPC Client Update Privilege Escalation (SNWLID-2024-0011)

CVE-2024-34899 | WWBN AVideo 12.4 cross site scripting

CVE-2023-40057 | SolarWinds Access Rights Manager up to 2023.2.2 Service deserialization