Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'R-seenet'
2021-12-22
CVE-2021-21915
CWE-89
An exploitable SQL injection vulnerability exist in the �??group_list�?? page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at �??company_filter�?? parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
CVE-2021-21916
CWE-89
An exploitable SQL injection vulnerability exist in the �??group_list�?? page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at 'description_filter�?? parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
CVE-2021-21917
CWE-89
An exploitable SQL injection vulnerability exist in the �??group_list�?? page of the Advantech R-SeeNet 2.4.15 (30.07.2021). A specially-crafted HTTP request at '�??ord�?? parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
CVE-2021-21918
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at �??name_filter�?? parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack.
CVE-2021-21919
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ord�?? parameter. However, the high privilege super-administrator account needs to be used to achieve exploitation without cross-site request forgery attack.
CVE-2021-21920
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at �??surname_filter�?? parameter with the administrative account or through cross-site request forgery.
CVE-2021-21921
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at �??name_filter�?? parameter with the administrative account or through cross-site request forgery.
CVE-2021-21922
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at �??username_filter�?? parameter with the administrative account or through cross-site request forgery.
CVE-2021-21923
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at �??company_filter�?? parameter with the administrative account or through cross-site request forgery.
CVE-2021-21924
CWE-89
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger these vulnerabilities. This can be done as any authenticated user or through cross-site request forgery at �??desc_filter�?? parameter.
Copyright
2024
, cxsecurity.com
Back to Top