Lucene search
K

4 matches found

OSV
OSV
added 2021/12/22 7:15 p.m.3 views

CVE-2021-21931

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ statfilter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery...

6.5CVSS7AI score0.01144EPSS
Exploits1References1
CVE
CVE
added 2021/12/22 6:7 p.m.58 views

CVE-2021-21931

CVE-2021-21931 affects Advantech R-SeeNet web interface. Multiple SQL injection paths exist in device_list.php (notably via stat_filter and related filters like host/prod/desc/etc.), allowing authenticated users (or CSRF-tied actions) to inject SQL through crafted HTTP requests. TALOS and related...

7.7CVSS6.8AI score0.01144EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/22 6:7 p.m.26 views

CVE-2021-21931

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ statfilter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery...

7.7CVSS7.4AI score0.01144EPSS
Exploits1References1
ICS
ICS
added 2021/12/14 12:0 a.m.54 views

Advantech R-SeeNet

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Advantech Equipment: R-SeeNet Vulnerabilities: SQL Injection, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated users to perform a local privilege...

8.8CVSS8.3AI score0.20155EPSS
Exploits26References5
Rows per page
Query Builder