Product
midasolutions eframework
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2020-15924
CVE-2020-15923
CVE-2020-15922
CVE-2020-15921
CVE-2020-15920
CVE-2020-15919
CVE-2020-15918
<= 2.9.0
There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The
<= 2.9.0
Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal.
<= 2.9.0
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with admi
<= 2.9.0
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functi
<= 2.9.0
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) w
<= 2.9.0
A Reflected Cross Site Scripting (XSS) vulnerability was discovered in Mida eFramework through 2.9.0.
<= 2.9.0
Multiple Stored Cross Site Scripting (XSS) vulnerabilities were discovered in Mida eFramework through 2.9.0.