Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/11/07 7:58 p.m.2 views

CVE-2025-34247

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in NetworksController.addNetworkAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

6.5CVSS7.6AI score0.00288EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/06 7:49 p.m.3 views

CVE-2025-34246 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AjaxPrevalidationController.ajaxAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxPrevalidationController.ajaxAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

5.3CVSS0.00284EPSS
Exploits0References3
CVE
CVE
added 2025/11/06 7:48 p.m.7 views

CVE-2025-34245

Advantech WebAccess/VPN before 1.1.5 contains a SQL injection in AjaxStandaloneVpnClientsController.ajaxAction() that an authenticated, low-privileged observer can exploit via datatable search parameters, potentially disclosing database information. Affected version: prior to 1.1.5. Some connecte...

6.5CVSS7.2AI score0.00284EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.2 views

Advantech WebAccess/VPN 安全漏洞

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a cross-site scripti...

6.2CVSS6.2AI score0.002EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.4 views

Advantech WebAccess/VPN 安全漏洞

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a command injection...

8.6CVSS7.6AI score0.01766EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/09 12:0 a.m.4 views

WordPress plugin LA-Studio Element Kit for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.5CVSS8.6AI score0.00548EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/01/30 8:31 p.m.7 views

CVE-2022-4828 Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode

The Bold Timeline Lite WordPress plugin before 1.1.5 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.3AI score0.01011EPSS
Exploits2References1
Rows per page
Query Builder