elbae

4 exploits Active since Jul 2020
CVE-2020-15920 METASPLOIT CRITICAL ruby WORKING POC
Midasolutions Eframework < 2.9.0 - OS Command Injection
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
CVSS 9.8
CVE-2020-15920 EXPLOITDB CRITICAL python WORKING POC
Midasolutions Eframework < 2.9.0 - OS Command Injection
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. No authentication is required.
CVSS 9.8
CVE-2020-15922 EXPLOITDB CRITICAL python WORKING POC
Midasolutions Eframework < 2.9.0 - OS Command Injection
There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required.
CVSS 9.8
CVE-2020-15921 EXPLOITDB CRITICAL python WORKING POC
Midasolutions Eframework < 2.9.0 - Authentication Bypass
Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted functionalities, such as Code Execution.
CVSS 9.8