Skip to main content

Mxsecurity

9 CVEs product

Monthly

CVE-2024-4740 HIGH This Week

MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Mxsecurity
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-4739 HIGH This Week

The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxsecurity
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-39983 MEDIUM PATCH This Month

A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mxsecurity
NVD
CVSS 3.1
5.3
EPSS
0.5%
CVE-2023-39982 MEDIUM PATCH This Month

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Mxsecurity
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2023-39981 HIGH PATCH This Week

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Mxsecurity
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-39980 HIGH PATCH This Week

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Mxsecurity
NVD
CVSS 3.1
8.1
EPSS
0.5%
CVE-2023-39979 CRITICAL Act Now

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxsecurity
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-33236 CRITICAL PATCH Act Now

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Mxsecurity
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-33235 HIGH PATCH This Week

MXsecurity version 1.0 is vulnearble to command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Command Injection Mxsecurity
NVD
CVSS 3.1
8.8
EPSS
1.5%
EPSS 0% CVSS 7.5
HIGH This Week

MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Mxsecurity
NVD
EPSS 0% CVSS 7.5
HIGH This Week

The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxsecurity
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Mxsecurity
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Mxsecurity
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Missing Authentication for Critical Function vulnerability could allow attackers to access critical functionality without authentication.

Authentication Bypass Mxsecurity
NVD
EPSS 1% CVSS 8.1
HIGH PATCH This Week

A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Mxsecurity
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mxsecurity
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

MXsecurity version 1.0 is vulnearble to hardcoded credential vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Mxsecurity
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

MXsecurity version 1.0 is vulnearble to command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Command Injection Mxsecurity
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy