Midasolutions Eframework — known CVE vulnerabilities
Every CVE whose affected-product data names Midasolutions Eframework, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2020-15921 — CVSS 9.8 (critical): Mida eFramework through 2.9.0 has a back door that permits a change of the administrative password and access to restricted…
CVE-2020-15920 — CVSS 9.8 (critical): There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with…
CVE-2020-15922 — CVSS 9.8 (critical): There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with…
CVE-2020-15924 — CVSS 7.5 (high): There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The…