Vulnerabilities > Advantech > Webaccess > 6.0.2008.09.30
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-15 | CVE-2015-6467 | Unspecified vulnerability in Advantech Webaccess Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin. | 9.3 |
2016-01-15 | CVE-2015-3948 | Cross-site Scripting vulnerability in Advantech Webaccess Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2016-01-15 | CVE-2015-3947 | SQL Injection vulnerability in Advantech Webaccess SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2016-01-15 | CVE-2015-3946 | Cross-Site Request Forgery (CSRF) vulnerability in Advantech Webaccess Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | 6.8 |
2016-01-15 | CVE-2015-3943 | Information Exposure vulnerability in Advantech Webaccess Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors. | 5.0 |
2015-09-11 | CVE-2014-9208 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2014-11-21 | CVE-2014-8388 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Advantech Webaccess Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | 7.2 |