Advantech » Advantech Webaccess : Security Vulnerabilities, CVEs, (Sql injection)

CVE-2014-0763

Public exploit
Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary SQL commands via SOAP requests to unspecified functions.
Max CVSS
7.5
EPSS Score
0.85%
Published
2014-04-12
Updated
2015-07-24

CVE-2012-1234

SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.
Max CVSS
6.5
EPSS Score
0.11%
Published
2012-02-21
Updated
2012-02-23

CVE-2012-0244

Multiple SQL injection vulnerabilities in Advantech/BroadWin WebAccess before 7.0 allow remote attackers to execute arbitrary SQL commands via crafted string input.
Max CVSS
7.5
EPSS Score
0.16%
Published
2012-02-21
Updated
2018-01-05

CVE-2012-0234

SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via a malformed URL.
Max CVSS
7.5
EPSS Score
0.16%
Published
2012-02-21
Updated
2018-01-05

CVE-2011-4521

SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input.
Max CVSS
7.5
EPSS Score
0.16%
Published
2012-02-21
Updated
2018-01-05
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close