Gogogate: >> Ismartgate Pro Security Vulnerabilities
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to clickjacking.
CVSS Score
8.1
EPSS Score
0.003
Published
2020-09-24
iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-09-24
iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)
CVSS Score
8.8
EPSS Score
0.002
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.
CVSS Score
7.5
EPSS Score
0.004
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php
CVSS Score
6.5
EPSS Score
0.002
Published
2020-09-24
ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php
CVSS Score
6.5
EPSS Score
0.002
Published
2020-09-24
Page 1