Aggregates CVE and security vulnerability intelligence across all gogogate-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk csrf and vendor risk cross-site scripting and related security problems, affecting vendor surface software deployment and vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2020-13119 | ismartgate PRO 1.5.9 is vulnerable to clickjacking. | [email protected] | 8.1 | 0.82% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12843 | ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. | [email protected] | 9.8 | 1.29% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12842 | ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. | [email protected] | 9.8 | 1.53% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12841 | ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php | [email protected] | 6.5 | 0.49% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12840 | ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php | [email protected] | 6.5 | 0.49% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12839 | ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. | [email protected] | 9.8 | 1.53% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12838 | ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. | [email protected] | 9.8 | 1.53% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12837 | ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. | [email protected] | 7.5 | 0.92% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12282 | iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.) | [email protected] | 8.8 | 0.49% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12281 | iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. | [email protected] | 6.5 | 0.49% | 2020-09-24 | 2024-11-21 |
| CVE-2020-12280 | iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. | [email protected] | 6.5 | 0.49% | 2020-09-24 | 2024-11-21 |