helmholz myrex24v2.virtual CVE Vulnerabilities (40)

CVEs: 40 CPE versions: View versions table

Summary

This page lists publicly disclosed CVE vulnerabilities affecting helmholz myrex24v2.virtual (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.

Showing 120 of 40 CVEs
«« First « Prev Page 1 / 2 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2026-40850 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 8.7 0.41% 2026-05-27 2026-06-17
CVE-2026-40849 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40848 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40847 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40846 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40845 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices_configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40844 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40843 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40842 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.27% 2026-05-27 2026-06-17
CVE-2026-40841 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40840 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40839 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getComponentScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40838 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40837 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40836 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the inmessage model due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity. [email protected] 7.1 0.22% 2026-05-27 2026-06-17
CVE-2026-40835 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40834 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash_layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity. [email protected] 7.1 0.22% 2026-05-27 2026-06-17
CVE-2026-40833 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity. [email protected] 7.1 0.22% 2026-05-27 2026-06-17
CVE-2026-40832 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDevicegroups function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.26% 2026-05-27 2026-06-17
CVE-2026-40831 An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality. [email protected] 7.1 0.32% 2026-05-27 2026-06-17
«« First « Prev Page 1 / 2 Next »
cvelogic Threat Intelligence