Vulnerabilities > Advantech > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-12-22 CVE-2021-21929 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21930 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21931 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21932 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21933 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21934 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21935 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-12-22 CVE-2021-21937 SQL Injection vulnerability in Advantech R-Seenet 2.4.15
A specially-crafted HTTP request can lead to SQL injection.
network
low complexity
advantech CWE-89
4.0
2021-11-15 CVE-2021-42703 Cross-site Scripting vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
This vulnerability could allow an attacker to send malicious Javascript code resulting in hijacking of the user’s cookie/session tokens, redirecting the user to a malicious webpage, and performing unintended browser action.
network
advantech CWE-79
4.3
2021-11-15 CVE-2021-42706 Use After Free vulnerability in Advantech Webaccess HMI Designer 2.1.7.32
This vulnerability could allow an attacker to disclose information and execute arbitrary code on affected installations of WebAccess/MHI Designer
local
low complexity
advantech CWE-416
4.6