Vulnerabilities > Schneider Electric > U Motion Builder > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-03 | CVE-2018-7777 | Improper Input Validation vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7774 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7773 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7772 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7771 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of editscript.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.0 |
| 2018-07-03 | CVE-2018-7769 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7768 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7767 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7766 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |
| 2018-07-03 | CVE-2018-7765 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 8.8 |