Giorgi Dograshvili [DRAGOWN] - Security Researcher

CVE-2025-26263 EXPLOITDB MEDIUM text WRITEUP

GeoVision ASManager <6.2.0 - Info Disclosure

GeoVision ASManager Windows desktop application with the version 6.1.2.0 or less (fixed in 6.2.0), is vulnerable to credentials disclosure due to improper memory handling in the ASManagerService.exe process.

CVSS 5.1

View Code

CVE-2024-56902 EXPLOITDB HIGH text WORKING POC

Geovision GV-ASManager <6.1.0.0 - Info Disclosure

Information disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password.

CVSS 7.5

View Code

CVE-2024-56901 EXPLOITDB HIGH text WORKING POC

Geovision GV-ASWeb <=6.1.1.0 - CSRF

A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWeb application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Administrator accounts via a crafted GET request method. This vulnerability is used in chain with CVE-2024-56903 for a successful CSRF attack.

CVSS 8.8

View Code