Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2021-32954
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to a directory traversal, which may allow an malicious user to remotely read arbitrary files on the file system.
Advantech Webaccess\\/scada
5.8
CVSSv2
CVE-2021-32956
Advantech WebAccess/SCADA Versions 9.0.1 and prior is vulnerable to redirection, which may allow an malicious user to send a maliciously crafted URL that could result in redirecting a user to a malicious webpage.
Advantech Webaccess\\/scada
4.3
CVSSv2
CVE-2021-34540
Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard.
Advantech Webaccess 8.4.2
Advantech Webaccess 8.4.4
9
CVSSv2
CVE-2021-22669
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA portal of WebAccess/SCADA Versions 9.0.1 and prior, which may allow a low-privileged user to update an administrator’s password and login as an administrator to escalate...
4.3
CVSSv2
CVE-2021-27436
WebAccess/SCADA Versions 9.0 and prior is vulnerable to cross-site scripting, which may allow an malicious user to send malicious JavaScript code to an unsuspecting user, which could result in hijacking of the user’s cookie/session tokens, redirecting the user to a maliciou...
Advantech Webaccess\\/scada
7.2
CVSSv2
CVE-2020-13554
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to e...
Advantech Webaccess\\/scada 9.0.1
6.5
CVSSv2
CVE-2020-25161
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an malicious user to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
Advantech Webaccess\\/scada
4
CVSSv2
CVE-2020-13550
A local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted application can lead to information disclosure. An attacker can send an authenticated HTTP request to trigger this vulnerability.
Advantech Webaccess\\/scada 9.0.1
7.2
CVSSv2
CVE-2020-13551
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via PostgreSQL executable, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM ...
Advantech Webaccess\\/scada 9.0.1
7.2
CVSSv2
CVE-2020-13552
An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In privilege escalation via multiple service executables in installation folder of WebAccess, an attacker can either replace binary or loa...
Advantech Webaccess\\/scada 9.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »