Lucene search

K
MbconnectlineMbconnect24

7 matches found

CVE
CVE
added 2020/10/02 7:15 p.m.51 views

CVE-2020-24568

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the lancompenent component, allowing logged-in attackers to discover arbitrary information.

6.5CVSS6.9AI score0.00401EPSS
CVE
CVE
added 2020/09/30 6:15 p.m.49 views

CVE-2020-24570

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a CSRF issue (with resultant SSRF) in the com_mb24proxy module, allowing attackers to steal session information from logged-in users with a crafted link.

6.5CVSS6.3AI score0.00133EPSS
CVE
CVE
added 2021/03/02 10:15 p.m.43 views

CVE-2020-12527

An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. Improper access validation allows a logged in user to shutdown or reboot devices in his account without having corresponding permissions.

6.8CVSS6.7AI score0.00219EPSS
CVE
CVE
added 2021/02/16 4:15 p.m.42 views

CVE-2020-35557

An issue in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 allows a logged in user to see devices in the account he should not have access to due to improper use of access validation.

6.5CVSS6.8AI score0.00319EPSS
CVE
CVE
added 2021/03/02 10:15 p.m.41 views

CVE-2020-12530

An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter.

6.1CVSS5.8AI score0.00267EPSS
CVE
CVE
added 2021/02/16 4:15 p.m.32 views

CVE-2020-35560

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is an unauthenticated open redirect in the redirect.php.

6.1CVSS6.3AI score0.00272EPSS
CVE
CVE
added 2021/02/16 4:15 p.m.30 views

CVE-2020-35569

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is a self XSS issue with a crafted cookie in the login page.

6.1CVSS5.9AI score0.00335EPSS