10 matches found
EUVD-2020-6228
Malware in sbrugna...
CVE-2020-14069
An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php...
CVE-2021-21495
MK-AUTH through 19.01 K4.9 allows CSRF for password changes via the central/executarcentral.php?acao=altsenhaprinc URI...
CVE-2020-14071
An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an attacker to execute arbitrary JavaScript code...
CVE-2020-14072
An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts...
Sql injection
An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php...
Sql injection
An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executarlogin.php...
CVE-2020-14072
An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts...
CVE-2020-14071
An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an attacker to execute arbitrary JavaScript code...
CVE-2020-14068
An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executarlogin.php...