Filtered by vendor Schneider-electric
Subscriptions
Filtered by product U.motion Builder
Subscriptions
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-7773 | 1 Schneider-electric | 1 U.motion Builder | 2024-09-16 | N/A |
The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter. | ||||
CVE-2017-7973 | 1 Schneider-electric | 1 U.motion Builder | 2024-09-16 | N/A |
A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauthenticated user can use calls to various paths allowing performance of arbitrary SQL commands against the underlying database. | ||||
CVE-2017-9959 | 1 Schneider-electric | 1 U.motion Builder | 2024-08-05 | N/A |
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts reboot in session from unauthenticated users, supporting a denial of service condition. | ||||
CVE-2018-7841 | 1 Schneider-electric | 1 U.motion Builder | 2024-08-05 | N/A |
A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution when an improper set of characters is entered. |