Show filters
325 Total Results
Displaying 61-70 of 325
Sort by:
Attacker Value
Unknown
CVE-2021-40389
Disclosure Date: January 28, 2022 (last updated February 23, 2025)
A privilege escalation vulnerability exists in the installation of Advantech DeviceOn/iEdge Server 1.0.2. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-40388
Disclosure Date: January 28, 2022 (last updated February 23, 2025)
A privilege escalation vulnerability exists in Advantech SQ Manager Server 1.0.6. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2021-21937
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21936
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘health_alt_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21935
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this vulnerability at ‘host_alt_filter2’ parameter. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21934
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘imei_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21933
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘esn_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21932
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests to trigger this at ‘name_filter’ parameter. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21931
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at‘ stat_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
0
Attacker Value
Unknown
CVE-2021-21930
Disclosure Date: December 22, 2021 (last updated February 23, 2025)
A specially-crafted HTTP request can lead to SQL injection. An attacker can make authenticated HTTP requests at ‘sn_filter’ parameter to trigger this vulnerability. This can be done as any authenticated user or through cross-site request forgery.
0
