CVE-2024-1576
- EPSS 0.14%
- Veröffentlicht 12.06.2024 14:15:10
- Zuletzt bearbeitet 21.11.2024 08:50:52
SQL Injection vulnerability in MegaBIP software allows attacker to obtain site administrator privileges, including access to the administration panel and the ability to change the administrator password. This issue affects MegaBIP software versions t...
CVE-2024-1577
- EPSS 2.29%
- Veröffentlicht 12.06.2024 14:15:10
- Zuletzt bearbeitet 21.11.2024 08:50:52
Remote Code Execution vulnerability in MegaBIP software allows to execute arbitrary code on the server without requiring authentication by saving crafted by the attacker PHP code to one of the website files. This issue affects MegaBIP software versio...
CVE-2024-1659
- EPSS 0.21%
- Veröffentlicht 12.06.2024 14:15:10
- Zuletzt bearbeitet 21.11.2024 08:51:01
Arbitrary File Upload vulnerability in MegaBIP software allows attacker to upload any file to the server (including a PHP code file) without an authentication. This issue affects MegaBIP software versions through 5.10.
CVE-2023-5378
- EPSS 0.12%
- Veröffentlicht 29.01.2024 12:15:07
- Zuletzt bearbeitet 21.11.2024 08:41:38
Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. MegaBIP 5.08 was tested and is not vulnerable. A preci...