Browse all 5 CVE security advisories affecting motovnet. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Motovnet operates as a telematics and fleet management platform providing vehicle tracking, driver monitoring, and fleet analytics services. Historically, the system has been vulnerable to multiple remote code execution flaws, cross-site scripting attacks, and privilege escalation vulnerabilities, with five CVEs documented to date. Security researchers have identified authentication bypass weaknesses and insecure direct object references in its web interface, potentially exposing sensitive location and operational data. While no major public breaches have been reported, the consistent pattern of authentication and input validation issues suggests potential risks for organizations relying on motovnet's services without implementing additional security controls.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-7437 | Ebook Store <= 5.8012 - Unauthenticated Arbitrary File Upload — Ebook StoreCWE-434 | 9.8 | Critical | 2025-07-24 |
| CVE-2025-7486 | Ebook Store <= 5.8012 - Authenticated (Administrator+) Stored Cross-Site Scripting via Order Details — Ebook StoreCWE-79 | 4.4 | Medium | 2025-07-21 |
| CVE-2024-12262 | Ebook Store <= 5.8001 - Reflected Cross-Site Scripting via 'step' — Ebook StoreCWE-79 | 6.1 | Medium | 2024-12-21 |
| CVE-2024-11287 | Ebook Store <= 5.8001 - Reflected Cross-Site Scripting — Ebook StoreCWE-79 | 6.1 | Medium | 2024-12-21 |
| CVE-2024-6567 | Ebook Store <= 5.8001 - Unauthenticated Full Path Disclosure — Ebook StoreCWE-200 | 5.3 | Medium | 2024-08-02 |
This page lists every published CVE security advisory associated with motovnet. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.