Lucene search
+L

16763 matches found

Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•20 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the CheckEmsnamemodify method of the DBUtil...

7.5CVSS2.9AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•15 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getSupportedDeviceByModel method of the...

7.5CVSS2.9AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS DeviceData Performance SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the DeviceData/Performance endpoint. When...

7.5CVSS2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•12 views

Advantech WebAccess/NMS FwStatusReportAction SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the FwStatusReportAction.action endpoint. Whe...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•20 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the CheckFwtasknamemodify method of the DBUti...

7.5CVSS2.7AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•17 views

Advantech WebAccess/NMS FwStatusReportAction SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the FwStatusReportAction.action endpoint. Whe...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•19 views

Advantech WebAccess/NMS forcedScanDevice SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the forcedScanDevice.action endpoint. When...

7.5CVSS2.3AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•22 views

Advantech WebAccess/NMS MibBrowser SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the handleDeviceNameByIpAddress method of the...

7.5CVSS2.8AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•22 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the CheckFwtaskname method of the DBUtil clas...

7.5CVSS2.5AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•22 views

Advantech WebAccess/NMS DBBackupRestoreAction Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the DBBackupRestoreAction.action endpoint. When parsi...

9.8CVSS5.7AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•23 views

Advantech WebAccess/NMS saveBackgroundAction Directory Traversal Denial-of-Service Vulnerability

This vulnerability allows remote attackers to delete arbitary files on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the saveBackground.action endpoint. When parsing the...

8.2CVSS3AI score0.14327EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•19 views

Advantech WebAccess/NMS ProfileResource Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the importprofile endpoint. The issue results from th...

9.8CVSS2.6AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•20 views

Advantech WebAccess/NMS SupportDeviceaddAction Arbitrary File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the SupportDeviceaddAction.action endpoint. When...

9.8CVSS6AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•24 views

Advantech WebAccess/NMS LicenseImportAction Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the licenseImportAction.action endpoint. When parsing...

9.8CVSS5.7AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•28 views

Advantech WebAccess/NMS ConfigRestoreAction Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the ConfigRestoreAction.action endpoint. When parsing...

9.8CVSS5.9AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•18 views

Advantech WebAccess/NMS TopogroupeditAction SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the TopogroupeditAction.action endpoint. When...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•21 views

(0Day) Advantech WebAccess IOCTL 0x2711 BwFLApp Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x2711, which can be used to invoke BwFLApp.exe. The issue...

8.2CVSS0.6AI score0.01009EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS FwUpgradeAction Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the FwUpgradeAction.action endpoint. When parsing the...

9.8CVSS5.6AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•11 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getSeverByAlarm method of the DBUtil clas...

7.5CVSS2.5AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•11 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the CheckManagedip method of the DBUtil class...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•22 views

Advantech WebAccess/NMS TopogroupeditAction SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the TopogroupeditAction.action endpoint. When...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•14 views

Advantech WebAccess/NMS AccesslogAction SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the AccesslogAction.action endpoint. When...

7.5CVSS6.7AI score
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•29 views

Advantech WebAccess/NMS Login isAccessDenied SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the Login.view endpoint. When parsing the...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getTopogroupIndex method of the DBUtil...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•14 views

Advantech WebAccess/NMS extProgramAction Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the extProgramAction.action endpoint. When parsing th...

9.8CVSS5.4AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•9 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getEmsgroupIndex method of the DBUtil...

7.5CVSS2.4AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•17 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getDeviceCommunity method of the DBUtil...

7.5CVSS1AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•15 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getTopologyDeviceByMac method of the DBUt...

7.5CVSS2.5AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•19 views

Advantech WebAccess/NMS getTrunkNumber SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getTrunkNumber method of the DBUtil class...

7.5CVSS1.7AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•20 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getDeviceOidStrT method of the DBUtil...

7.5CVSS2.3AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•19 views

Advantech WebAccess/NMS DatabaseMgmtResource OS Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processing of...

8.8CVSS5.3AI score0.01221EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•9 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the updateManageddevicetopo method of the...

7.5CVSS2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getManagedDeviceById method of the DBUtil...

7.5CVSS0.9AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS EMSgroupAction SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the EMSgroupAction.action endpoint. When...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•20 views

Advantech WebAccess/NMS Login SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the Login.view endpoint. When parsing the...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•12 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getDeviceEvent method of the DBUtil class...

7.5CVSS1.1AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•20 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the CheckManagedid method of the DBUtil class...

7.5CVSS2.6AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•12 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the gethDeviceModelIndex method of the DBUtil...

7.5CVSS3.1AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•21 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the setFilename method of the DBUtil class...

7.5CVSS2.7AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•19 views

Advantech WebAccess/NMS DBBackupResource Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the DBBackup endpoint. The issue results from the lac...

9.8CVSS2.7AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•22 views

Advantech WebAccess/NMS extProgramAction Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the extProgramAction.action endpoint. When parsing th...

9.8CVSS5.4AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getDeviceName method of the DBUtil class...

7.5CVSS2.2AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•29 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the setTaskdevice method of the DBUtil class...

7.5CVSS2.6AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•18 views

Advantech WebAccess/NMS getSyslogUiList SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the processi...

6.5CVSS1.8AI score0.00922EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS single-vlan-info SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the single-vlan-info endpoint. When parsing t...

7.5CVSS1.7AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•21 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the setMonitorProcess method of the DBUtil...

7.5CVSS1AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•17 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the updateAckedEventlogByID method of the...

7.5CVSS2.5AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•16 views

Advantech WebAccess/NMS saveBackground Unrestricted File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the saveBackground.action endpoint. When parsing the...

9.8CVSS5.7AI score0.0159EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•17 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the getDeviceOidStr method of the DBUtil clas...

7.5CVSS1.1AI score0.01263EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
•added 2020/04/08 12:0 a.m.•13 views

Advantech WebAccess/NMS DBUtil SQL Injection Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the updateClearedEventlogByID method of the...

7.5CVSS2.6AI score0.01263EPSS
Exploits0References1
Total number of security vulnerabilities16763