Gpweb Security Vulnerabilities and Issues — Gpweb CVE List

Lucene search

SistemagpwebGpweb

3 matches found

CVE•added 2017/12/19 2:29 a.m.•36 views

CVE-2017-15875

SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter.

9.8CVSS9.9AI score0.00467EPSS

CVE•added 2017/12/19 2:29 a.m.•34 views

CVE-2017-15877

Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database.

9.8CVSS9.3AI score0.00343EPSS

CVE•added 2017/12/19 2:29 a.m.•32 views

CVE-2017-15876

Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell.

9CVSS6.7AI score0.01085EPSS