EUVD-2014-1021

Malware in sbrugna...

CVE-2024-11096

A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

Task Manager 注入漏洞

Task Manager is an open source task manager application from Code-Projects. An injection vulnerability exists in Task Manager version 1.0, which stems from an SQL injection vulnerability in the projectName parameter of the /newProject.php page...

CVE-2019-13027

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

Sql injection

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

CVE-2019-13027

Realization Concerto Critical Chain Planner aka CCPM 5.10.8071 has SQL Injection in at least in the taskupdt/taskdetails.aspx webpage via the projectname parameter...

Advantech WebAccess Node BWSCADASoap GetNodeList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Advantech WebAccess Node BWSCADASoap PointListByPage SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Advantech WebAccess Node BWSCADASoap GraphList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

Advantech WebAccess Node BWSCADASoap GetUnackAlarms SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Advantech WebAccess Node. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...

The vulnerability of the ChkAdminViewUsrPwd1 component in the Advantech WebAccess remote monitoring software allows a perpetrator to execute arbitrary code.

The vulnerability of the ChkAdminViewUsrPwd1 component mailPg.asp in the Advantech WebAccess remote monitoring software is related to the lack of protection for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using the ProjectName and...

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName strncpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...

Advantech WebAccess webvrpcs Service BwpAlarm.dll ProjectName strcat Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11184 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

Advantech WebAccess SCADA ProjectName Parameter Buffer Overflow (CVE-2014-0991)

A stack buffer overflow exists in Advantech's WebAccess SCADA software. This is due to insufficient input validation of the ProjectName parameter contained in the webvact.ocx ActiveX control, a part of the WebAccess Client. A remote, unauthenticated attacker could exploit this vulnerability by...

CVE-2014-0991

Stack-based buffer overflow in Advantech WebAccess formerly BroadWin WebAccess 7.2 allows remote attackers to execute arbitrary code via the projectname parameter...

Stack overflow

Stack-based buffer overflow in Advantech WebAccess formerly BroadWin WebAccess 7.2 allows remote attackers to execute arbitrary code via the projectname parameter...