Skip to main content

Eframework

7 CVEs product

Monthly

CVE-2020-15924 HIGH POC This Week

There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Information Disclosure Eframework
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2020-15923 HIGH POC This Week

Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Eframework
NVD
CVSS 3.1
7.5
EPSS
3.3%
CVE-2020-15922 CRITICAL POC THREAT Act Now

There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Eframework
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
57.3%
CVE-2020-15921 CRITICAL POC THREAT Act Now

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Eframework
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
18.3%
CVE-2020-15920 CRITICAL POC THREAT Emergency

There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Eframework
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
98.2%
CVE-2020-15919 MEDIUM POC This Month

A Reflected Cross Site Scripting (XSS) vulnerability was discovered in Mida eFramework through 2.9.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Eframework
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2020-15918 MEDIUM POC This Month

Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework through 2.9.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Eframework
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 2% CVSS 7.5
HIGH POC This Week

There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Information Disclosure Eframework
NVD
EPSS 3% CVSS 7.5
HIGH POC This Week

Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Eframework
NVD
EPSS 57% CVSS 9.8
CRITICAL POC THREAT Act Now

There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Eframework
NVD Exploit-DB
EPSS 18% CVSS 9.8
CRITICAL POC THREAT Act Now

Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Authentication Bypass Eframework
NVD Exploit-DB
EPSS 98% CVSS 9.8
CRITICAL POC THREAT Emergency

There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Eframework
NVD Exploit-DB
EPSS 1% CVSS 6.1
MEDIUM POC This Month

A Reflected Cross Site Scripting (XSS) vulnerability was discovered in Mida eFramework through 2.9.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Eframework
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework through 2.9.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Eframework
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy