Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
midasolutions eframework vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-15919
A Reflected Cross Site Scripting (XSS) vulnerability exists in Mida eFramework up to and including 2.9.0.
Midasolutions Eframework
10
CVSSv2
CVE-2020-15920
There is an OS Command Injection in Mida eFramework up to and including 2.9.0 that allows an malicious user to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
Midasolutions Eframework
10
CVSSv2
CVE-2020-15922
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an malicious user to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
Midasolutions Eframework
7.8
CVSSv2
CVE-2020-15923
Mida eFramework up to and including 2.9.0 allows unauthenticated ../ directory traversal.
Midasolutions Eframework
3.5
CVSSv2
CVE-2020-15918
Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework up to and including 2.9.0.
Midasolutions Eframework
5
CVSSv2
CVE-2020-15924
There is a SQL Injection in Mida eFramework up to and including 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters.
Midasolutions Eframework
7.5
CVSSv2
CVE-2020-15921
Mida eFramework up to and including 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
Midasolutions Eframework
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started