Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2020-10619
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions before 3.0.2) control.
Advantech Webaccess\\/nms
6.5
CVSSv3
CVE-2020-10623
Multiple vulnerabilities could allow an attacker with low privileges to perform SQL injection on WebAccess/NMS (versions before 3.0.2) to gain access to sensitive information.
Advantech Webaccess\\/nms
9.8
CVSSv3
CVE-2020-10625
WebAccess/NMS (versions before 3.0.2) allows an unauthenticated remote user to create a new admin account.
Advantech Webaccess\\/nms
7.5
CVSSv3
CVE-2020-10629
WebAccess/NMS (versions before 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an malicious user to read sensitive files.
Advantech Webaccess\\/nms
9.8
CVSSv3
CVE-2020-10631
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions before 3.0.2) control.
Advantech Webaccess\\/nms
9.8
CVSSv3
CVE-2020-10621
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions before 3.0.2).
Advantech Webaccess\\/nms
7.5
CVSSv3
CVE-2019-3942
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
Advantech Webaccess 8.3.4
8.8
CVSSv3
CVE-2020-10607
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
5.4
CVSSv3
CVE-2020-2707
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: WebAccess). Supported versions that are affected are 15.1.0.0-15.2.18.7, 16.1.0.0-16.2.19.0, 17.1.0.0-17.12.16.0, 18.1.0.0-18.8.16.0 and 19.12.0.0....
Oracle Primavera P6 Enterprise Project Portfolio Management 19.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
9.8
CVSSv3
CVE-2019-3951
Advantech WebAccess prior to 8.4.3 allows unauthenticated remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
Advantech Webaccess
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »