Product:

Mymbconnect24

(Mbconnectline)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 33
Date Id Summary Products Score Patch Annotated
2020-09-30 CVE-2020-24569 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the knximport component via an advanced attack vector, allowing logged in attackers to discover arbitrary information. Mbconnect24, Mymbconnect24 4.3
2020-09-30 CVE-2020-24570 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a CSRF issue (with resultant SSRF) in the com_mb24proxy module, allowing attackers to steal session information from logged-in users with a crafted link. Mbconnect24, Mymbconnect24 6.5
2020-10-02 CVE-2020-24568 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. There is a blind SQL injection in the lancompenent component, allowing logged-in attackers to discover arbitrary information. Mbconnect24, Mymbconnect24 6.5