Siemens

Xhq

10 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2019-19289

  • EPSS 0.17%
  • Published 14.12.2020 21:15:17
  • Last modified 21.11.2024 04:34:30

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link.

5.3

CVE-2019-19283

  • EPSS 0.24%
  • Published 14.12.2020 21:15:16
  • Last modified 21.11.2024 04:34:29

A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to adapt further attacks to the version in place.

5.4

CVE-2019-19284

  • EPSS 0.34%
  • Published 14.12.2020 21:15:16
  • Last modified 21.11.2024 04:34:29

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways f...

5.4

CVE-2019-19285

  • EPSS 0.34%
  • Published 14.12.2020 21:15:16
  • Last modified 21.11.2024 04:34:29

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS attacks if unsuspecting users are tricked into accessing a malicious link.

7.2

CVE-2019-19286

  • EPSS 0.38%
  • Published 14.12.2020 21:15:16
  • Last modified 21.11.2024 04:34:29

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages.

6.5

CVE-2019-19287

  • EPSS 0.17%
  • Published 14.12.2020 21:15:16
  • Last modified 21.11.2024 04:34:30

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without authentication.

6.1

CVE-2019-19288

  • EPSS 0.36%
  • Published 14.12.2020 21:15:16
  • Last modified 21.11.2024 04:34:30

A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link.

8.1

CVE-2019-13930

  • EPSS 0.17%
  • Published 12.12.2019 19:15:14
  • Last modified 21.11.2024 04:25:43

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user i...

5.4

CVE-2019-13931

  • EPSS 0.4%
  • Published 12.12.2019 19:15:14
  • Last modified 21.11.2024 04:25:43

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow for an an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected ways for legitimate users. Succe...

9.1

CVE-2019-13932

  • EPSS 0.37%
  • Published 12.12.2019 19:15:14
  • Last modified 21.11.2024 04:25:43

A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an at...