EUVD-2020-5747

Malware in sbrugna...

EUVD-2020-5746

Malware in sbrugna...

CVE-2020-13500

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL...

CVE-2020-13499

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...

CVE-2020-13501

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticate...

Aveva eDNA Enterprise SQL Injection (CVE-2020-13499; CVE-2020-13500; CVE-2020-13501)

An SQL injection vulnerability exists in Aveva eDNA Enterprise. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVE-2020-13500

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL...

CVE-2020-13499

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...

CVE-2020-13501

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticate...

Sql injection

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...

Sql injection

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL...

CVE-2020-13501

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstanceName in CHaD.asmx is vulnerable to unauthenticate...

CVE-2020-13501

CVE-2020-13501 affects Aveva eDNA Enterprise Data Historian CHaD.asmx web service (SOAP). The vulnerability is unauthenticated SQL injection in parameter InstanceName (and related CHaD.asmx inputs) that can lead to data compromise. Affected versions include 3.0.1.2 / 7.5.4989.33053. Exploitation ...

CVE-2020-13500

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter ClassName in CHaD.asmx is vulnerable to unauthenticated SQL...

CVE-2020-13499

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. Specially crafted SOAP web requests can cause SQL injections resulting in data compromise. Parameter InstancePath in CHaD.asmx is vulnerable to unauthenticate...

CVE-2020-13499

Summary of CVE-2020-13499 : Talos and NVD detail multiple unauthenticated SQL injection flaws in Aveva eDNA Enterprise Data Historian CHaD.asmx web service (versions 3.0.1.2/7.5.4989.33053). The vulnerability affects the SOAP endpoint CHaD.asmx, specifically parameters such as InstancePath, Class...

Aveva eDNA Enterprise Data Historian Alias.asmx SQL injection Vulnerability

Talos Vulnerability Report TALOS-2020-1109 Aveva eDNA Enterprise Data Historian Alias.asmx SQL injection Vulnerability September 23, 2020 CVE Number CVE-2020-13507, CVE-2020-13508 Summary Multiple SQL injection vulnerabilities exist in the Alias.asmx Web Service functionality of eDNA Enterprise...

Aveva eDNA Enterprise data historian DNAPoints.asmx SQL injection vulnerability

Talos Vulnerability Report TALOS-2020-1107 Aveva eDNA Enterprise data historian DNAPoints.asmx SQL injection vulnerability September 23, 2020 CVE Number CVE-2020-13502 Summary An exploitable SQL injection vulnerability exists in the DNAPoints.asmx web Service functionality of eDNA Enterprise Data...

Aveva eDNA Enterprise Data Historian ednareporting.asmx Multiple SQL injection Vulnerabilities

Talos Vulnerability Report TALOS-2020-1108 Aveva eDNA Enterprise Data Historian ednareporting.asmx Multiple SQL injection Vulnerabilities September 23, 2020 CVE Number CVE-2020-13503, CVE-2020-13504, CVE-2020-13505, CVE-2020-13521 Summary Multiple SQL injection vulnerabilities exists in the...

Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities

Talos Vulnerability Report TALOS-2020-1106 Aveva eDNA Enterprise data historian CHaD.asmx multiple SQL injection vulnerabilities September 23, 2020 CVE Number CVE-2020-13501,CVE-2020-13499,CVE-2020-13500 SUMMARY Multiple SQL injection vulnerabilities exists in the CHaD.asmx web service...