7 matches found
CVE-2021-37749
MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...
CVE-2021-37749
MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...
CVE-2021-37749
MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...
Sql injection
MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...
CVE-2021-37749
MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 aka 16.6.2.66 allows blind SQL Injection via the Id within sourceItems parameter to the GetMap method...
CVE-2021-37749
The CVE-2021-37749 entry concerns Hexagon GeoMedia WebMap 2020 prior to Update 2 (16.6.2.66). A vulnerability in MapService.svc allows blind SQL injection via the Id (within sourceItems) parameter to the GetMap method. CVSSv3.1 base score 9.8 (CRITICAL) with network attack vector, no user interac...
Hexagon GeoMedia WebMap SQL注入漏洞
Hexagon GeoMedia WebMap is a Web-based geospatial data visualization and analysis server product from Hexagon. A SQL injection vulnerability exists in MapService.svc in versions prior to Hexagon GeoMedia WebMap 2020 Update 2 16.6.2.66, which stems from a vulnerability in MapService.svc that allow...