|
209491
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge_se2021
solid_edge_se2020
|
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected application…
|
-
|
CVE-2020-26997
|
2024-11-21 14:20 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209492
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection …
|
CWE-89
SQL Injection
|
CVE-2020-27239
|
2024-11-21 14:20 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209493
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An att…
|
CWE-89
SQL Injection
|
CVE-2020-27238
|
2024-11-21 14:20 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209494
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the The nomenclature parameter in the getAssets.jsp page is vulnerable to una…
|
CWE-89
SQL Injection
|
CVE-2020-27237
|
2024-11-21 14:20 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209495
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the compnomenclature parameter. An attacker can make an authenticated HTTP request to trigger thi…
|
CWE-89
SQL Injection
|
CVE-2020-27236
|
2024-11-21 14:20 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209496
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the description parameter. An attacker can make an authenticated HTTP request to trigger this vul…
|
CWE-89
SQL Injection
|
CVE-2020-27235
|
2024-11-21 14:20 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209497
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the serviceUID parameter. An attacker can make an authenticated HTTP request to trigger this vuln…
|
CWE-89
SQL Injection
|
CVE-2020-27234
|
2024-11-21 14:20 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209498
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the supplierUID parameter. An attacker can make an authenticated HTTP request to trigger this vul…
|
CWE-89
SQL Injection
|
CVE-2020-27233
|
2024-11-21 14:20 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209499
|
7.8 |
HIGH
Local
|
openclinic_ga_project
|
openclinic_ga
|
An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a …
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-27228
|
2024-11-21 14:20 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209500
|
9.8 |
CRITICAL
Network
|
openclinic_ga_project
|
openclinic_ga
|
An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web reques…
|
CWE-78
OS Command
|
CVE-2020-27227
|
2024-11-21 14:20 |
2021-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
