Skip to main content

Mango Automation

8 CVEs product

Monthly

CVE-2015-7904 MEDIUM POC PATCH This Month

Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Mango Automation
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
6.5%
CVE-2015-7903 MEDIUM POC PATCH This Month

SQL injection vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Mango Automation
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
0.7%
CVE-2015-7902 MEDIUM POC PATCH THREAT This Month

Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Information Disclosure Mango Automation
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
12.4%
CVE-2015-7901 MEDIUM POC PATCH This Month

Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Mango Automation
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
7.3%
CVE-2015-7900 MEDIUM POC PATCH THREAT This Month

Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.8%.

Information Disclosure Mango Automation
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
12.8%
CVE-2015-6494 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS Mango Automation
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
1.3%
CVE-2015-6493 MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Mango Automation
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.3%
CVE-2015-1179 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in data_point_details.shtm in Mango Automation 2.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dpid,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Mango Automation
NVD
CVSS 2.0
4.3
EPSS
0.2%
EPSS 6% CVSS 6.5
MEDIUM POC PATCH This Month

Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary JSP code via vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

File Upload Mango Automation
NVD Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM POC PATCH This Month

SQL injection vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Mango Automation
NVD Exploit-DB
EPSS 12% CVSS 5.0
MEDIUM POC PATCH THREAT This Month

Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Information Disclosure Mango Automation
NVD Exploit-DB
EPSS 7% CVSS 6.5
MEDIUM POC PATCH This Month

Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Command Injection Mango Automation
NVD Exploit-DB
EPSS 13% CVSS 4.3
MEDIUM POC PATCH THREAT This Month

Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 12.8%.

Information Disclosure Mango Automation
NVD Exploit-DB
EPSS 1% CVSS 3.5
LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS Mango Automation
NVD Exploit-DB
EPSS 0% CVSS 6.8
MEDIUM POC PATCH This Month

Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available.

CSRF Mango Automation
NVD Exploit-DB
EPSS 0% CVSS 4.3
MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in data_point_details.shtm in Mango Automation 2.4.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) dpid,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Mango Automation
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy