Vulnerabilities > MV

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2022-30496	SQL Injection vulnerability in MV Idce 1.0 SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information. network low complexity mv CWE-89	7.5
2021-07-21	CVE-2020-23282	SQL Injection vulnerability in MV Mconnect 02.001.00/2013.1.6.8 SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information. network low complexity mv CWE-89	7.5
2021-07-21	CVE-2020-23283	Improper Restriction of Excessive Authentication Attempts vulnerability in MV Mconnect 02.001.00/2013.1.6.8 Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force. network low complexity mv CWE-307	7.5
2021-07-20	CVE-2020-23284	Information Exposure Through Log Files vulnerability in MV Idce 1.0 Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application. network low complexity mv CWE-532	7.5

Vulnerabilities > MV {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"MV"}]}