Radixiot

radixiot

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-37847 1Radixiot 2Mango Mangoapi Nov 5, 2024 Oct 25, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file.
CVE-2024-37846 1Radixiot 1Mango Nov 5, 2024 Oct 25, 2024 N/A· v4 4.6 MEDIUM· v3 N/A· v2 MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page.
CVE-2024-37845 1Radixiot 1Mango Nov 4, 2024 Oct 25, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feature.
CVE-2024-37844 1Radixiot 1Mango Nov 5, 2024 Oct 25, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.