Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webaccess
(Advantech)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 103 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-01-15 | CVE-2016-0852 | Advantech WebAccess before 8.1 allows remote attackers to bypass an intended administrative requirement and obtain file or folder access via unspecified vectors. | Webaccess | 7.5 | ||
| 2016-01-15 | CVE-2016-0851 | Advantech WebAccess before 8.1 allows remote attackers to cause a denial of service (out-of-bounds memory access) via unspecified vectors. | Webaccess | 7.5 | ||
| 2016-01-15 | CVE-2015-6467 | Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involving a browser plugin. | Webaccess | 8.1 | ||
| 2016-01-15 | CVE-2015-3948 | Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | Webaccess | 5.4 | ||
| 2016-01-15 | CVE-2015-3947 | SQL injection vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | Webaccess | 8.1 | ||
| 2016-01-15 | CVE-2015-3946 | Cross-site request forgery (CSRF) vulnerability in Advantech WebAccess before 8.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | Webaccess | 8.8 | ||
| 2016-01-15 | CVE-2015-3943 | Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information about e-mail project accounts via unspecified vectors. | Webaccess | 5.3 | ||
| 2015-09-11 | CVE-2014-9208 | Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors. | Webaccess | N/A | ||
| 2015-09-28 | CVE-2014-9202 | Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.0_20150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions. | Webaccess | N/A | ||
| 2014-11-21 | CVE-2014-8388 | Stack-based buffer overflow in Advantech WebAccess, formerly BroadWin WebAccess, before 8.0 allows remote attackers to execute arbitrary code via a crafted ip_address parameter in an HTML document. | Webaccess | N/A |