CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-24568

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the lancompenent component, allowing logged-in attackers to discover arbitrary information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.9%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://mbconnectline.com/security-advice/
https://mbconnectline.com/security-advice/

Products affected by CVE-2020-24568

Mbconnectline » Mbconnect24 » Version: N/A

cpe:2.3:a:mbconnectline:mbconnect24:-
Mbconnectline » Mbconnect24 » Version: 2.5.0

cpe:2.3:a:mbconnectline:mbconnect24:2.5.0
Mbconnectline » Mbconnect24 » Version: 2.6.1

cpe:2.3:a:mbconnectline:mbconnect24:2.6.1
Mbconnectline » Mymbconnect24 » Version: N/A

cpe:2.3:a:mbconnectline:mymbconnect24:-
Mbconnectline » Mymbconnect24 » Version: 2.5.0

cpe:2.3:a:mbconnectline:mymbconnect24:2.5.0
Mbconnectline » Mymbconnect24 » Version: 2.6.1

cpe:2.3:a:mbconnectline:mymbconnect24:2.6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-24568

Products

Pricing

Contact Us