Mobatime Web Application

CVEs (5)

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2023-3066	Mobatime AMXGT100	—	0.01	Jun 5, 2023	Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20.
CVE-2023-3065	Mobatime AMXGT100	—	0.01	Jun 5, 2023	Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
CVE-2023-3064	Mobatime AMXGT100	—	0.01	Jun 5, 2023	Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
CVE-2023-3033	Mobatime Mobatime Web Application	—	0.01	Jun 2, 2023	Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22.
CVE-2023-3032	Mobatime Mobatime Web Application	—	0.01	Jun 2, 2023	Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application (Documentary proof upload modules) allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22.

CVE-2023-3066Jun 5, 2023
Mobatime
AMXGT100
risk 0.00cvss —epss 0.01
Incorrect Authorization vulnerability in Mobatime mobile application AMXGT100 allows a low-privileged user to impersonate anyone else, including administratorsThis issue affects Mobatime mobile application AMXGT100: through 1.3.20.
CVE-2023-3065Jun 5, 2023
Mobatime
AMXGT100
risk 0.00cvss —epss 0.01
Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
CVE-2023-3064Jun 5, 2023
Mobatime
AMXGT100
risk 0.00cvss —epss 0.01
Anonymous user may get the list of existing users managed by the application, that could ease further attacks (see CVE-2023-3065 and 3066)This issue affects Mobatime mobile application AMXGT100 through 1.3.20.
CVE-2023-3033Jun 2, 2023
Mobatime
Mobatime Web Application
risk 0.00cvss —epss 0.01
Incorrect Authorization vulnerability in Mobatime web application allows Privilege Escalation, Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobatime web application: through 06.7.22.
CVE-2023-3032Jun 2, 2023
Mobatime
Mobatime Web Application
risk 0.00cvss —epss 0.01
Unrestricted Upload of File with Dangerous Type vulnerability in Mobatime web application (Documentary proof upload modules) allows a malicious user to Upload a Web Shell to a Web Server.This issue affects Mobatime web application: through 06.7.22.