Lucene search

Midasolutions Security Vulnerabilities

cve

CVE-2020-15920

There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is...

9.8CVSS

9.9AI Score

0.973EPSS

2020-07-24 01:15 AM

108

cve

CVE-2020-15921

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code...

9.8CVSS

9.6AI Score

0.039EPSS

2020-07-24 01:15 AM

cve

CVE-2020-15924

There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication...

7.5CVSS

8AI Score

0.002EPSS

2020-07-24 01:15 AM

cve

CVE-2020-15922

There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is...

9.8CVSS

9.9AI Score

0.012EPSS

2020-07-24 01:15 AM

cve

CVE-2020-15923

Mida eFramework through 2.9.0 allows unauthenticated ../ directory...

7.5CVSS

7.6AI Score

0.007EPSS

2020-07-24 01:15 AM

cve

CVE-2020-15919

A Reflected Cross Site Scripting (XSS) vulnerability was discovered in Mida eFramework through...

6.1CVSS

6AI Score

0.001EPSS

2020-07-24 01:15 AM

cve

CVE-2020-15918

Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework through...

5.4CVSS

5.5AI Score

0.001EPSS

2020-07-24 01:15 AM