Xhq

xhq

Vendor: Siemens • 10 CVEs

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-19289 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link.
CVE-2019-19288 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link.
CVE-2019-19287 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network witho...Show more A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow attackers to traverse through the file system of the server based by sending specially crafted packets over the network without authentication.Show less
CVE-2019-19286 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow SQL injection attacks if an attacker is able to modify content of particular web pages.
CVE-2019-19285 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow injections that could lead to XSS attacks if unsuspecting users are tricked into accessing a malicious link.
CVE-2019-19284 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, causing the application...Show more A vulnerability has been identified in XHQ (All Versions < 6.1). The web interface could allow Cross-Site Scripting (XSS) attacks if an attacker is able to modify content of particular web pages, causing the application to behave in unexpected ways for legitimate users.Show less
CVE-2019-19283 1Siemens 1Xhq Nov 21, 2024 Dec 14, 2020 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to adapt further attacks...Show more A vulnerability has been identified in XHQ (All Versions < 6.1). The application's web server could expose non-sensitive information about the server's architecture. This could allow an attacker to adapt further attacks to the version in place.Show less
CVE-2019-13932 1Siemens 1Xhq Jun 17, 2026 Dec 12, 2019 N/A· v4 9.1 CRITICAL· v3 6.4 MEDIUM· v2 A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitat...Show more A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web application requests could be manipulated, causing the the application to behave in unexpected ways for legitimate users. Successful exploitation does not require for an attacker to be authenticated. A successful attack could allow the import of scripts or generation of malicious links. This could allow the attacker to read or modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known.Show less
CVE-2019-13931 1Siemens 1Xhq Jun 17, 2026 Dec 12, 2019 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow for an an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected wa...Show more A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow for an an attacker to craft the input in a form that is not expected, causing the application to behave in unexpected ways for legitimate users. Successful exploitation requires for an attacker to be authenticated to the web interface. A successful attack could cause the application to have unexpected behavior. This could allow the attacker to modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known.Show less
CVE-2019-13930 1Siemens 1Xhq Jun 17, 2026 Dec 12, 2019 N/A· v4 8.1 HIGH· v3 5.8 MEDIUM· v2 A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successfu...Show more A vulnerability has been identified in XHQ (All versions < V6.0.0.2). The web interface could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious link. Successful exploitation requires user interaction by a legitimate user, who must be authenticated to the web interface. A successful attack could allow an attacker to trigger actions via the web interface that the legitimate user is allowed to perform. This could allow the attacker to read or modify contents of the web application. At the time of advisory publication no public exploitation of this security vulnerability was known.Show less