Sistemagpweb - Gpweb CVE

Filtered by vendor Sistemagpweb Subscribe

Filtered by product Gpweb

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-15877	1 Sistemagpweb	1 Gpweb	2019-10-03	5.0 MEDIUM	9.8 CRITICAL
Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database.
CVE-2017-15875	1 Sistemagpweb	1 Gpweb	2018-01-02	7.5 HIGH	9.8 CRITICAL
SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter.

Vulnerabilities (CVE)