Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-10619
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions before 3.0.2) control.
Advantech Webaccess\\/nms
4
CVSSv2
CVE-2020-10623
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions before 3.0.2) to gain access to sensitive information.
Advantech Webaccess\\/nms
7.5
CVSSv2
CVE-2020-10625
WebAccess/NMS (versions before 3.0.2) allows an unauthenticated remote user to create a new admin account.
Advantech Webaccess\\/nms
5
CVSSv2
CVE-2020-10629
WebAccess/NMS (versions before 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an malicious user to read sensitive files.
Advantech Webaccess\\/nms
7.5
CVSSv2
CVE-2020-10631
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions before 3.0.2) control.
Advantech Webaccess\\/nms
10
CVSSv2
CVE-2020-10621
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions before 3.0.2).
Advantech Webaccess\\/nms
5
CVSSv2
CVE-2019-3942
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
Advantech Webaccess 8.3.4
6.5
CVSSv2
CVE-2020-10607
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
4.9
CVSSv2
CVE-2020-2707
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: WebAccess). Supported versions that are affected are 15.1.0.0-15.2.18.7, 16.1.0.0-16.2.19.0, 17.1.0.0-17.12.16.0, 18.1.0.0-18.8.16.0 and 19.12.0.0....
Oracle Primavera P6 Enterprise Project Portfolio Management 19.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
7.5
CVSSv2
CVE-2019-3951
Advantech WebAccess prior to 8.4.3 allows unauthenticated remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
Advantech Webaccess
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »