64 matches found
EUVD-2020-7890
Malware in sbrugna...
EUVD-2020-7896
Malware in sbrugna...
EUVD-2020-7895
Malware in sbrugna...
EUVD-2020-7891
Malware in sbrugna...
CVE-2020-15924
There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters...
CVE-2020-15923
Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal...
CVE-2020-15921
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution...
CVE-2020-15919
A Reflected Cross Site Scripting XSS vulnerability was discovered in Mida eFramework through 2.9.0...
CVE-2020-15918
Multiple Stored Cross Site Scripting XSS vulnerabilities were discovered in Mida eFramework through 2.9.0...
CVE-2020-15920
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution RCE with administrative root privileges. No authentication is required...
VulnCheck KEV: CVE-2020-15920
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution RCE with administrative root privileges. No authentication is required...
Unauthorized Access Vulnerability in EKECMS
EKECMS is based on the eFrameWork rapid development framework under the application, the main purpose is for the eFrameWork framework for the use of examples. An unauthorized access vulnerability exists in EKECMS, which can be exploited by an attacker to bypass login authentication...
Mida eFramework 2.8.9 - Remote Code Execution
Exploit Title: Mida eFramework 2.8.9 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
Mida eFramework 2.8.9 Remote Code Execution
Exploit Title: Mida eFramework 2.8.9 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
Mida eFramework 2.9.0 Backdoor Access
Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
Mida eFramework 2.9.0 - Back Door Access
Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
Mida Solutions eFramework ajaxreq.php Command Injection
This module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apache user to...
Mida Solutions eFramework ajaxreq.php Command Injection Exploit
This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apach...
Mida eFramework 2.9.0 - Remote Code Execution
Exploit Title: Mida eFramework 2.9.0 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...
Mida eFramework 2.9.0 Remote Code Execution
Exploit Title: Mida eFramework 2.9.0 - Remote Code Execution Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...