Mb Connect Line Mbconnect24 vulnerabilities
63 known vulnerabilities affecting mb_connect_line/mbconnect24.
Total CVEs
63
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH28MEDIUM33
Vulnerabilities
Page 4 of 4
CVE-2020-12530P4MEDIUMCVSS 6.1≥ 2.6.2, ≤ 2.6.22021-03-02
CVE-2020-12530 [MEDIUM] CWE-79 CVE-2020-12530: An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions th
An issue was discovered in MB connect line mymbCONNECT24 and mbCONNECT24 software in all versions through V2.6.2. There is an XSS issue in the redirect.php allowing an attacker to inject code via a get parameter.
nvd
CVE-2021-34574P4MEDIUMCVSS 4.3≥ 2, ≤ 2.11.22021-08-02
CVE-2021-34574 [MEDIUM] CWE-669 CVE-2021-34574: In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versio
In MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2 an authenticated attacker can change the password of his account into a new password that violates the password policy by intercepting and modifying the request that is send to the server.
nvd
CVE-2023-1779P4MEDIUMCVSS 4.3≥ 1.0.0, ≤ 2.13.32023-06-06
CVE-2023-1779 [MEDIUM] CWE-863 CVE-2023-1779: Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNE
Exposure of Sensitive Information to an unauthorized actor vulnerability in MB Connect Lines mbCONNECT24, mymbCONNECT24 and Helmholz' myREX24 and myREX24.virtual in versions <=2.13.3 allow an authorized remote attacker with low privileges to view a limited amount of another accounts contact information.
nvd
← Previous4 / 4