VYPR
Vendor

Mango

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2024-37847HigOct 25, 2024
    risk 0.57cvss 8.8epss 0.01

    An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file.

  • CVE-2024-37845HigOct 25, 2024
    risk 0.47cvss 7.2epss 0.01

    MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feature.

  • CVE-2024-37844MedOct 25, 2024
    risk 0.35cvss 5.4epss 0.00

    A stored cross-site scripting (XSS) vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

  • CVE-2024-37846MedOct 25, 2024
    risk 0.30cvss 4.6epss 0.00

    MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page.