CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Exploit DB•added 2020/09/21 12:0 a.m.•388 views

Mida eFramework 2.9.0 - Back Door Access

Exploit Title: Mida eFramework 2.9.0 - Back Door Access Google Dork: Server: Mida eFramework Date: 2020-08-27 Exploit Author: elbae Vendor Homepage: https://www.midasolutions.com/ Software Link: http://ova-efw.midasolutions.com/ Reference:...

9.8CVSS9.7AI score0.18416EPSS

Exploits3

Metasploit•added 2020/09/16 5:41 p.m.•49 views

Mida Solutions eFramework ajaxreq.php Command Injection

This module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apache user to...

10CVSS9.7AI score0.93565EPSS

Exploits6

0day.today•added 2020/09/16 12:0 a.m.•74 views

Mida Solutions eFramework ajaxreq.php Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apach...

10CVSS0.5AI score0.93565EPSS

Exploits6

Packet Storm•added 2020/09/16 12:0 a.m.•637 views

Mida Solutions eFramework ajaxreq.php Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mida Solutions eFramework ajaxreq.php Command Injection', 'Description' = %q This module exploits a command injection vulnerability in Mida...

10CVSS0.4AI score0.93565EPSS

Exploits6

CNVD•added 2020/07/27 12:0 a.m.•2 views

Mida eFramework SQL Injection Vulnerability

Mida Solutions eFramework is a suite of unified communications and collaboration services from Mida Solutions, Italy. A SQL injection vulnerability exists in Mida Solutions eFramework version 2.9.0 and earlier. An attacker could exploit the vulnerability to obtain information...

7.5CVSS7.9AI score0.00574EPSS

Exploits1References1

CNVD•added 2020/07/27 12:0 a.m.•1 views

Mida Solutions eFramework OS Command Injection Vulnerability (CNVD-2020-42664)

Mida Solutions eFramework is a suite of unified communications and collaboration services from Mida Solutions, Italy. An operating system command injection vulnerability exists in Mida Solutions eFramework version 2.9.0 and earlier. A remote attacker can exploit the vulnerability to execute code...

10CVSS8.2AI score0.93565EPSS

Exploits6References1

CNVD•added 2020/07/27 12:0 a.m.•1 views

Mida Solutions eFramework Cross-Site Scripting Vulnerability

Mida Solutions eFramework is a suite of unified communications and collaboration services from Mida Solutions, Italy. A cross-site scripting vulnerability exists in Mida Solutions eFramework version 2.9.0 and earlier. The vulnerability stems from a lack of proper validation of client-side data by...

6.1CVSS6.4AI score0.0021EPSS

Exploits1References1

CNVD•added 2020/07/27 12:0 a.m.•1 views

Mida Solutions eFramework Cross-Site Scripting Vulnerability (CNVD-2020-42663)

5.4CVSS6.4AI score0.00206EPSS

Exploits1References1

0day.today•added 2020/07/21 12:0 a.m.•707 views

Mida Solutions eFramework 2.9.0 XSS / Code Execution / SQL Injection Vulnerabilities

Mida Solutions eFramework versions 2.9.0 and below suffer from command execution, cross site scripting, denial of service, remote SQL injection, and path traversal vulnerabilities. ============================================= Title: Mida Solutions eFramework Multiple Vulnerabilities Author: Andr...

0.7AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by