Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
webaccess vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-10631
An attacker could use a specially crafted URL to delete or read files outside the WebAccess/NMS's (versions before 3.0.2) control.
Advantech Webaccess\\/nms
445
VMScore
CVE-2020-10617
There are multiple ways an unauthenticated attacker could perform SQL injection on WebAccess/NMS (versions before 3.0.2) to gain access to sensitive information.
Advantech Webaccess\\/nms
570
VMScore
CVE-2020-10619
An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's (versions before 3.0.2) control.
Advantech Webaccess\\/nms
668
VMScore
CVE-2020-10625
WebAccess/NMS (versions before 3.0.2) allows an unauthenticated remote user to create a new admin account.
Advantech Webaccess\\/nms
445
VMScore
CVE-2020-10629
WebAccess/NMS (versions before 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an malicious user to read sensitive files.
Advantech Webaccess\\/nms
890
VMScore
CVE-2020-10621
Multiple issues exist that allow files to be uploaded and executed on the WebAccess/NMS (versions before 3.0.2).
Advantech Webaccess\\/nms
445
VMScore
CVE-2019-3942
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password.
Advantech Webaccess 8.3.4
578
VMScore
CVE-2020-10607
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
Advantech Webaccess
436
VMScore
CVE-2020-2707
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: WebAccess). Supported versions that are affected are 15.1.0.0-15.2.18.7, 16.1.0.0-16.2.19.0, 17.1.0.0-17.12.16.0, 18.1.0.0-18.8.16.0 and 19.12.0.0....
Oracle Primavera P6 Enterprise Project Portfolio Management 19.12.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management
668
VMScore
CVE-2019-3951
Advantech WebAccess prior to 8.4.3 allows unauthenticated remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) due to a stack-based buffer overflow when handling IOCTL 70533 RPC messages.
Advantech Webaccess
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »