gogogate

Top products

The 11 most recently published vulnerabilities affecting gogogate.

• CVE-2020-13119ismartgate PRO 1.5.9 is vulnerable to clickjacking.8.1Sep 24, 2020
• CVE-2020-12843ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used.9.8Sep 24, 2020
• CVE-2020-12838ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.9.8Sep 24, 2020
• CVE-2020-12842ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.9.8Sep 24, 2020
• CVE-2020-12839ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.9.8Sep 24, 2020
• CVE-2020-12837ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used.7.5Sep 24, 2020
• CVE-2020-12840ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php6.5Sep 24, 2020
• CVE-2020-12841ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php6.5Sep 24, 2020
• CVE-2020-12282iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.)8.8Sep 24, 2020
• CVE-2020-12281iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.6.5Sep 24, 2020
• CVE-2020-12280iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.6.5Sep 24, 2020