Aggregates CVE and security vulnerability intelligence across all sistemagpweb-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk sql injection, with potential vendor impact data exposure across vendor surface software deployment and vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-15877 | Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view the password and user database. | [email protected] | 9.8 | 0.34% | 2017-12-19 | 2026-05-13 |
| CVE-2017-15876 | Unrestricted File Upload vulnerability in GPWeb 8.4.61 allows remote authenticated users to upload any type of file, including a PHP shell. | [email protected] | 7.2 | 1.14% | 2017-12-19 | 2026-05-13 |
| CVE-2017-15875 | SQL injection vulnerability in Password Recovery in GPWeb 8.4.61 allows remote attackers to execute arbitrary SQL commands via the "checkemail" parameter. | [email protected] | 9.8 | 0.49% | 2017-12-19 | 2026-05-13 |