Skip to main content

Megabip

3 CVEs product

Monthly

CVE-2024-1659 CRITICAL Act Now

Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the server (including a PHP code file) without an authentication.10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Megabip
NVD
CVSS 4.0
9.3
EPSS
0.7%
CVE-2024-1577 CRITICAL Act Now

Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection PHP RCE Megabip
NVD
CVSS 4.0
9.3
EPSS
1.1%
CVE-2024-1576 CRITICAL Act Now

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Megabip
NVD
CVSS 4.0
9.3
EPSS
0.6%
EPSS 1% CVSS 9.3
CRITICAL Act Now

Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the server (including a PHP code file) without an authentication.10. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP File Upload Megabip
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection PHP RCE +1
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Megabip
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy