Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0233 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 4.3 MEDIUM | N/A |
|
Cross-site scripting (XSS) vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via a malformed URL.
|
|||||
| CVE-2012-1235 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 6.0 MEDIUM | N/A |
|
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0235.
|
|||||
| CVE-2011-4521 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 7.5 HIGH | N/A |
|
SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input.
|
|||||
| CVE-2012-0243 | 1 Advantech | 1 Advantech Webaccess | 2025-04-11 | 10.0 HIGH | N/A |
|
Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content to any pathname.
|
|||||