SQL Injection in Shenzhen Ruiming Technology Streamax Crocus 1.3.44

60% confidence

Description

A critical SQL injection vulnerability exists in an unknown function of the file /OperateStatistic.do in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The manipulation of the argument VehicleID allows for remote exploitation without authentication, affecting confidentiality, integrity, and availability.

Affected Products

Vendor	Product	Versions
shenzhen ruiming technology	streamax crocus	1.3.44

Related News (1 articles)

Tier C

VulDB5h ago

VDB-353143 | Shenzhen Ruiming Technology Streamax Crocus 1.3.44 /OperateStatistic.do VehicleID sql injection

→ No new info (linked only)

CISA KEV❌ No

Actively exploited❌ No

CWECWE-89

Published3/25/2026

Last enriched4h ago

Community Vote

0 upvotes0 downvotes

No votes yet

Pin to Dashboard

Verification

State: reported

Confidence: 6000%