3732 matches found
Advantech WISE-IoTSuite/SaaS - SQL Injection
Advantech WISE-IoTSuite/SaaS Composer suffers from an unauthenticated SQL Injection vulnerability due to the unsafe use of the filename parameter within the URL path in PostgreSQL queries. Remote attackers can exploit this flaw by injecting SQL code such as the use of pgsleep for time delays to...
Advantech R-SeeNet 2.4.12 - OS Command Injection
Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script functionality. An attacker, via a specially crafted HTTP request, can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering...
Advantech R-SeeNet - Cross-Site Scripting
Advantech R-SeeNet is vulnerable to cross-site scripting via the devicegraphpage.php script via the is2sim parameter. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. id: CVE-2021-21803 info: name: Advantech R-SeeNet - Cross-Site...
Advantech R-SeeNet - Cross-Site Scripting
Advantech R-SeeNet contains a cross-site scripting vulnerability in the devicegraphpage.php script via the deviceid parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution. id: CVE-2021-21802 info: name: Advantech R-SeeNet - Cross-Site Scripting author:...
Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the sshform.php script functionality. id: CVE-2021-21800 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...
Advantech R-SeeNet - Cross-Site Scripting
Advantech R-SeeNet contains a cross-site scripting vulnerability in the devicegraphpage.php script via the graph parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution. id: CVE-2021-21801 info: name: Advantech R-SeeNet - Cross-Site Scripting author: gy74...
Advantech R-SeeNet 2.4.12 - Cross-Site Scripting
Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnetform.php script functionality. id: CVE-2021-21799 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...
CVE-2026-14162
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
EUVD-2026-40287
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
CVE-2026-14162 Advantech|Hospital Quering Management - Missing Authentication
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
CVE-2026-14162
Advantech Hospital Queuing Management is listed under CVE-2026-14162 with a Missing Authentication/Unauthenticated access scenario. The description states a Sensitive Data Exposure where unauthenticated remote attackers can access a URL to obtain API documentation. The connected CVE entry confirm...
CVE-2026-14161 Advantech|Hospital Queuing Management - Sensitive Data Exposure
Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
EUVD-2026-40286
Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...
CVE-2026-14161
Advantech’s Hospital Queuing Management product is affected by a Sensitive Data Exposure vulnerability. Unauthenticated remote attackers can access a specific URL to obtain API documentation, per the CVE-2026-14161 records from NVD and CVE List. The connected documents confirm the affected produc...
PT-2026-53849
Name of the Vulnerable Software and Affected Versions Hospital Queuing Management affected versions not specified Description An issue exists that allows unauthenticated remote attackers to access a specific URL to obtain API documentation, leading to sensitive data exposure. Recommendations At t...
CVE-2026-36226
Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...
CVE-2026-36226
Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...
Exploit for CVE-2026-36226
CVE-2026-36226: Advantech WebAccess/SCADA Create New Project U...
CVE-2026-36226
Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...
EUVD-2026-31474
Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...