Myq Solution

myq-solution

3 CVEs • 3 products

Products (3)

Click to collapse

Toggle

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-22076 1Myq Solution 1Print Server Jun 16, 2025 Jan 23, 2024 N/A· v4 9.8 CRITICAL· v3 N/A· v2 MyQ Print Server before 8.2 patch 43 allows remote authenticated administrators to execute arbitrary code via PHP scripts that are reached through the administrative interface.
CVE-2023-27107 1Myq Solution 2Central Server Print Server Feb 3, 2025 Apr 26, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal repor...Show more Incorrect access control in the runReport function of MyQ Solution Print Server before 8.2 Patch 32 and Central Server before 8.2 Patch 22 allows users who do not have appropriate access rights to generate internal reports using a direct URL.Show less
CVE-2021-31769 1Myq Solution 1Myq Server Nov 21, 2024 Jun 21, 2021 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature i...Show more MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data can be read in the %PROGRAMFILES%\MyQ\PHP\Sessions directory. The "Select server file" feature is only intended for administrators but actually does not require authorization. An attacker can inject arbitrary OS commands (such as commands to create new .php files) via the Task Scheduler component.Show less