Vulnerabilities > Schneider Electric > U Motion Builder > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-07-03 | CVE-2018-7767 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 6.8 |
2018-07-03 | CVE-2018-7766 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 6.8 |
2018-07-03 | CVE-2018-7765 | SQL Injection vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 6.8 |
2018-07-03 | CVE-2018-7764 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
2018-07-03 | CVE-2018-7763 | Path Traversal vulnerability in Schneider-Electric U.Motion Builder 1.2.1 The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. | 4.3 |
2017-09-26 | CVE-2017-9960 | Information Exposure vulnerability in Schneider-Electric U.Motion Builder 1.2.1 An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system response to error provides more information than should be available to an unauthenticated user. | 5.0 |
2017-09-26 | CVE-2017-9959 | Unspecified vulnerability in Schneider-Electric U.Motion Builder 1.2.1 A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts reboot in session from unauthenticated users, supporting a denial of service condition. | 4.9 |