Lucene search
K

3732 matches found

Nuclei
Nuclei
added yesterday11 views

Advantech WISE-IoTSuite/SaaS - SQL Injection

Advantech WISE-IoTSuite/SaaS Composer suffers from an unauthenticated SQL Injection vulnerability due to the unsafe use of the filename parameter within the URL path in PostgreSQL queries. Remote attackers can exploit this flaw by injecting SQL code such as the use of pgsleep for time delays to...

10CVSS6.2AI score0.37867EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday122 views

Advantech R-SeeNet 2.4.12 - OS Command Injection

Advantech R-SeeNet 2.4.12 is susceptible to remote OS command execution via the ping.php script functionality. An attacker, via a specially crafted HTTP request, can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering...

10CVSS7.2AI score0.69631EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday90 views

Advantech R-SeeNet - Cross-Site Scripting

Advantech R-SeeNet is vulnerable to cross-site scripting via the devicegraphpage.php script via the is2sim parameter. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution. id: CVE-2021-21803 info: name: Advantech R-SeeNet - Cross-Site...

9.6CVSS6.8AI score0.07902EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday126 views

Advantech R-SeeNet - Cross-Site Scripting

Advantech R-SeeNet contains a cross-site scripting vulnerability in the devicegraphpage.php script via the deviceid parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution. id: CVE-2021-21802 info: name: Advantech R-SeeNet - Cross-Site Scripting author:...

9.6CVSS6.9AI score0.63415EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday110 views

Advantech R-SeeNet 2.4.12 - Cross-Site Scripting

Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the sshform.php script functionality. id: CVE-2021-21800 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...

9.6CVSS6.7AI score0.14115EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday73 views

Advantech R-SeeNet - Cross-Site Scripting

Advantech R-SeeNet contains a cross-site scripting vulnerability in the devicegraphpage.php script via the graph parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution. id: CVE-2021-21801 info: name: Advantech R-SeeNet - Cross-Site Scripting author: gy74...

9.6CVSS6.9AI score0.63415EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday89 views

Advantech R-SeeNet 2.4.12 - Cross-Site Scripting

Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnetform.php script functionality. id: CVE-2021-21799 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a...

9.6CVSS6.7AI score0.12293EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:57 a.m.7 views

CVE-2026-14162

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

9.8CVSS5.8AI score0.00472EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/30 10:57 a.m.6 views

EUVD-2026-40287

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

9.8CVSS5.8AI score0.00472EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:57 a.m.31 views

CVE-2026-14162 Advantech|Hospital Quering Management - Missing Authentication

Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

9.8CVSS0.00472EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:57 a.m.16 views

CVE-2026-14162

Advantech Hospital Queuing Management is listed under CVE-2026-14162 with a Missing Authentication/Unauthenticated access scenario. The description states a Sensitive Data Exposure where unauthenticated remote attackers can access a URL to obtain API documentation. The connected CVE entry confirm...

9.8CVSS5.8AI score0.00472EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:52 a.m.31 views

CVE-2026-14161 Advantech|Hospital Queuing Management - Sensitive Data Exposure

Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

8.7CVSS0.00437EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 10:52 a.m.8 views

EUVD-2026-40286

Hospital Quening Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation...

8.7CVSS5.8AI score0.00437EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:52 a.m.27 views

CVE-2026-14161

Advantech’s Hospital Queuing Management product is affected by a Sensitive Data Exposure vulnerability. Unauthenticated remote attackers can access a specific URL to obtain API documentation, per the CVE-2026-14161 records from NVD and CVE List. The connected documents confirm the affected produc...

8.7CVSS5.8AI score0.00437EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53849

Name of the Vulnerable Software and Affected Versions Hospital Queuing Management affected versions not specified Description An issue exists that allows unauthenticated remote attackers to access a specific URL to obtain API documentation, leading to sensitive data exposure. Recommendations At t...

9.8CVSS6AI score0.00472EPSS
Exploits0References11
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.12 views

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

6.1CVSS5.5AI score0.00256EPSS
Exploits1References1
NVD
NVD
added 2026/05/22 5:16 p.m.24 views

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

6.1CVSS0.00256EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/05/22 2:18 p.m.103 views

Exploit for CVE-2026-36226

CVE-2026-36226: Advantech WebAccess/SCADA Create New Project U...

5.9AI score0.00256EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.8 views

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

6.1CVSS5.8AI score0.00256EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/22 12:0 a.m.11 views

EUVD-2026-31474

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

6.1CVSS5.8AI score0.00256EPSS
Exploits1References1
Rows per page
Query Builder