Vulnerabilities > Advantech > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21929 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21930 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21931 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21932 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21933 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21934 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21935 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-12-22 CVE-2021-21937 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
6.5
2021-11-15 CVE-2021-42703 Cross-site Scripting vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
network
low complexity
advantech CWE-79
6.1
2021-10-27 CVE-2021-32951 Improper Authentication vulnerability in Advantech Webaccess/Nms 2.0.3/3.0.2
WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnerability, which may allow unauthorized users to view resources monitored and controlled by the WebAccess/NMS, as well as IP addresses and names of all the devices managed via WebAccess/NMS.
network
low complexity
advantech CWE-287
5.3