Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-15877 | 1 Sistemagpweb | 1 Gpweb | 2024-02-28 | 5.0 MEDIUM | 9.8 CRITICAL |
Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database. | |||||
CVE-2017-15875 | 1 Sistemagpweb | 1 Gpweb | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter. | |||||
CVE-2017-15876 | 1 Sistemagpweb | 1 Gpweb | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell. |