Vulnerabilities > Advantech > Advantech Webaccess > 7.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-04-12 | CVE-2014-0767 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long AccessCode argument. | 7.5 |
| 2014-04-12 | CVE-2014-0766 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName2 argument. | 7.5 |
| 2014-04-12 | CVE-2014-0765 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long GotoCmd argument. | 7.5 |
| 2014-04-12 | CVE-2014-0764 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess 5.0/6.0/7.0 Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute arbitrary code via a long NodeName parameter. | 7.5 |
| 2014-04-12 | CVE-2014-0763 | SQL Injection vulnerability in Advantech Webaccess 5.0/6.0/7.0 Multiple SQL injection vulnerabilities in DBVisitor.dll in Advantech WebAccess before 7.2 allow remote attackers to execute arbitrary SQL commands via SOAP requests to unspecified functions. | 7.5 |
| 2013-08-22 | CVE-2013-2299 | Cross-Site Scripting vulnerability in Advantech Webaccess 5.0/6.0/7.0 Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |