Lucene search
K

5 matches found

NVD
NVD
added 2021/06/21 11:15 a.m.21 views

CVE-2021-31769

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

9CVSS0.04062EPSS
Exploits1References1
Prion
Prion
added 2021/06/21 11:15 a.m.15 views

Design/Logic Flaw

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

9CVSS8.9AI score0.04062EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/06/21 10:59 a.m.54 views

CVE-2021-31769

CVE-2021-31769 affects MyQ X Smart prior to 8.2. The vulnerability allows remote code execution because administrative session data can be read from %PROGRAMFILES%\MyQ\PHP\Sessions, and the non‑administration‑restricted “Select server file” feature enables attackers to inject arbitrary OS command...

9CVSS8.9AI score0.04062EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/06/21 10:59 a.m.23 views

CVE-2021-31769

MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorizatio...

9.2AI score0.04062EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/06/21 12:0 a.m.5 views

MyQ X 操作系统命令注入漏洞

MyQ X is an application of myq-solution. It neatly organizes past and active projects in one place and centralizes their management in one interface. A security vulnerability exists in MyQ X Smart versions prior to 8.2, which can be exploited by an attacker to inject arbitrary OS commands via the...

9CVSS8.1AI score0.04062EPSS
Exploits1References1
Rows per page
Query Builder