Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-1234
sql injection
advantech
broadwin
webaccess 7.0
remote authenticated users
cve-2012-1234
cve-2012-0234
vulnerability
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.2%
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234.
Affected configurations
Node
advantechadvantech_webaccessRange≤6.0
ORadvantechadvantech_webaccessMatch5.0
Related
prion
prion
Sql injection
2012-02-21 13:31:00
Sql injection
2012-02-21 13:31:00
nvd
nvd
CVE-2012-1234
2012-02-21 13:31:57
CVE-2012-0234
2012-02-21 13:31:56
cvelist
cvelist
CVE-2012-1234
2022-10-03 16:15:24
CVE-2012-0234
2012-02-21 11:00:00
cve
cve
CVE-2012-0234
2012-02-21 13:31:56
nessus
nessus
Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities
2015-08-28 00:00:00
Advantech WebAccess < 7.0-2009.06.29 Multiple Vulnerabilities
2017-02-14 00:00:00
ics
ics
Advantech WebAccess Vulnerabilities (UPDATE A)
2018-08-27 12:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.1 High
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
53.2%
Related for CVE-2012-1234