Vulnerabilities > Advantech > Advantech Webaccess > 5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-21 | CVE-2011-4526 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in an ActiveX control in Advantech/BroadWin WebAccess before 7.0 might allow remote attackers to execute arbitrary code via a long string value in unspecified parameters. | 10.0 |
2012-02-21 | CVE-2011-4525 | Permissions, Privileges, and Access Controls vulnerability in Advantech Webaccess 5.0/6.0 Advantech/BroadWin WebAccess before 7.0 allows remote attackers to trigger the extraction of arbitrary web content into a batch file on a client system, and execute this batch file, via unspecified vectors. | 10.0 |
2012-02-21 | CVE-2011-4524 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0 Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters. | 10.0 |
2012-02-21 | CVE-2011-4523 | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0 Cross-site scripting (XSS) vulnerability in bwview.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
2012-02-21 | CVE-2011-4522 | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0 Cross-site scripting (XSS) vulnerability in bwerrdn.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters. | 4.3 |
2012-02-21 | CVE-2011-4521 | SQL Injection vulnerability in Advantech Webaccess 5.0/6.0 SQL injection vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary SQL commands via crafted string input. | 7.5 |