Vulnerabilities > Sistemagpweb

DATE	CVE	VULNERABILITY TITLE	RISK
2017-12-19	CVE-2017-15877	Incorrect Permission Assignment for Critical Resource vulnerability in Sistemagpweb Gpweb 8.4.61 Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database. network low complexity sistemagpweb CWE-732 critical	9.8
2017-12-19	CVE-2017-15876	Unrestricted Upload of File with Dangerous Type vulnerability in Sistemagpweb Gpweb 8.4.61 Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell. network low complexity sistemagpweb CWE-434	7.2
2017-12-19	CVE-2017-15875	SQL Injection vulnerability in Sistemagpweb Gpweb 8.4.61 SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter. network low complexity sistemagpweb CWE-89 critical	9.8

Vulnerabilities > Sistemagpweb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sistemagpweb"}]}