Lucene search
+L

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 7:12 p.m.6 views

CVE-2021-21918

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘namefilter’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery...

7.7CVSS7.3AI score0.01134EPSS
Exploits1References1
OSV
OSV
added 2021/12/22 7:15 p.m.3 views

CVE-2021-21918

A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘namefilter’ parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery...

4.9CVSS6.6AI score0.01134EPSS
Exploits1References1
CVE
CVE
added 2021/12/22 6:6 p.m.66 views

CVE-2021-21918

CVE-2021-21918 affects Advantech R-SeeNet 2.4.15 where the name_filter parameter on the company_list page can be exploited to trigger SQL injection via a crafted authenticated HTTP request. The root cause is improper input handling in building SQL for the stored procedure call sp_GetCompanies, wi...

7.7CVSS5.3AI score0.01134EPSS
Exploits1References1Affected Software1
ICS
ICS
added 2021/12/14 12:0 a.m.60 views

Advantech R-SeeNet

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Low attack complexity Vendor: Advantech Equipment: R-SeeNet Vulnerabilities: SQL Injection, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow authenticated users to perform a local privilege...

8.8CVSS8.3AI score0.20155EPSS
Exploits26References5
Talos
Talos
added 2021/11/22 12:0 a.m.52 views

Advantech R-SeeNet application multiple SQL injection vulnerabilities in the 'company_list' page

Summary Multiple exploitable SQL injection vulnerabilities exist in the ‘companylist’ page of the Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. However, the high...

7.7CVSS6.1AI score0.01134EPSS
Exploits2
Rows per page
Query Builder