mb_connect_line CVE 脆弱性と CVE 一覧(43)

製品(CPE): — CVE 件数: 43

mb_connect_line 脆弱性概要

mb_connect_line 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。

過去の問題は主に vendor risk sql injection and vendor risk input validation などに関し、一部は vendor impact data exposure を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。

掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。

脆弱性分布の推移(直近24か月)

表示中 120 / 43 CVE 件数
«« 先頭 « 前へ 1 / 3 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-10521 An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability. [email protected] 8.6 0.31% 2026-06-23 2026-06-23
CVE-2026-40852 A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality, integrity and availability. [email protected] 7.2 0.40% 2026-05-27 2026-06-17
CVE-2026-40851 A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability. [email protected] 8.4 0.14% 2026-05-27 2026-06-17
CVE-2026-40850 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 8.7 0.41% 2026-05-27 2026-06-17
CVE-2026-40849 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40848 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40847 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40846 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40845 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices_configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40844 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40843 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40842 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40841 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40840 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40839 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getComponentScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40838 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40837 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40836 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the inmessage model due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity. [email protected] 7.1 0.22% 2026-05-27 2026-06-17
CVE-2026-40835 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40834 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash_layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity. [email protected] 7.1 0.22% 2026-05-27 2026-06-17
«« 先頭 « 前へ 1 / 3 次へ »
cvelogic Threat Intelligence