Vulnerabilities > Hexagongeospatial

DATE CVE VULNERABILITY TITLE RISK
2021-08-30 CVE-2021-37749 SQL Injection vulnerability in Hexagongeospatial Geomedia Webmap
MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16.6.2.66) allows blind SQL Injection via the Id (within sourceItems) parameter to the GetMap method.
network
low complexity
hexagongeospatial CWE-89
critical
10.0
2020-01-30 CVE-2013-0725 Uncontrolled Search Path Element vulnerability in Hexagongeospatial Erdas ER Viewer 13.0
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities
6.9