Invigo

invigo

6 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Automatic Device Management

automatic_device_management

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-10584 1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running the application.
CVE-2020-10583 1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the application.
CVE-2020-10582 1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and modification) on the d...Show more A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and modification) on the database.Show less
CVE-2020-10581 1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application...Show more Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application.Show less
CVE-2020-10580 1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the app...Show more A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application.Show less
CVE-2020-10579 1Invigo 1Automatic Device Management Nov 21, 2024 Mar 25, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the...Show more A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to the user running the application.Show less