CVEs (6)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application. |
1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application. |
1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and modification) on the d...Show more |
1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application...Show more |
1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the app...Show more |
1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the...Show more |