Filtered by vendor Amodat
Subscribe
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-23169 | 1 Amodat | 1 Mobile Application Gateway | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
attacker needs to craft a SQL payload. the vulnerable parameter is "agentid" must be authenticated to the admin panel. | |||||
CVE-2022-23168 | 1 Amodat | 1 Mobile Application Gateway | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The attacker could get access to the database. The SQL injection is in the username parameter at the login panel: username: admin'-- | |||||
CVE-2022-23167 | 1 Amodat | 1 Amodat | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Attacker crafts a GET request to: /mobile/downloadfile.aspx? Filename =../.. /windows/boot.ini the LFI is UNAUTHENTICATED. |