Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
midasolutions eframework vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-15918
Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework up to and including 2.9.0.
Midasolutions Eframework
6.1
CVSSv3
CVE-2020-15919
A Reflected Cross Site Scripting (XSS) vulnerability exists in Mida eFramework up to and including 2.9.0.
Midasolutions Eframework
9.8
CVSSv3
CVE-2020-15920
There is an OS Command Injection in Mida eFramework up to and including 2.9.0 that allows an malicious user to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
Midasolutions Eframework
9.8
CVSSv3
CVE-2020-15921
Mida eFramework up to and including 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
Midasolutions Eframework
9.8
CVSSv3
CVE-2020-15922
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an malicious user to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
Midasolutions Eframework
7.5
CVSSv3
CVE-2020-15923
Mida eFramework up to and including 2.9.0 allows unauthenticated ../ directory traversal.
Midasolutions Eframework
7.5
CVSSv3
CVE-2020-15924
There is a SQL Injection in Mida eFramework up to and including 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters.
Midasolutions Eframework
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started