Lucene search
K

449 matches found

RedhatCVE
RedhatCVE
added 2025/07/12 11:22 p.m.7 views

CVE-2025-41442

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By manipulating certain input parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosu...

5.4CVSS5.9AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/12 11:22 p.m.6 views

CVE-2025-53397

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...

6.1CVSS6.1AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/12 11:22 p.m.9 views

CVE-2025-53519

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or...

5.4CVSS5.5AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/12 11:22 p.m.18 views

CVE-2025-48891

A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading to information disclosure or a denial-of-service...

7.6CVSS6.7AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2025/07/11 12:15 a.m.6 views

CVE-2025-53515

A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not sanitized, allowing an attacker to perform SQL...

8.8CVSS0.005EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.3 views

CVE-2025-53509

A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase. This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a command without proper sanitization, allowing arbitra...

7.1CVSS5.8AI score0.00286EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.4 views

CVE-2025-53519

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or...

5.1CVSS5.7AI score0.00194EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.7 views

CVE-2025-53509

A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase. This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a command without proper sanitization, allowing arbitra...

7.1CVSS0.00286EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.4 views

CVE-2025-53515

A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not sanitized, allowing an attacker to perform SQL...

8.7CVSS6.5AI score0.005EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.8 views

CVE-2025-53519

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By manipulating specific parameters, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or...

5.4CVSS0.00194EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.11 views

CVE-2025-53475

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.8CVSS0.0428EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.4 views

CVE-2025-53475

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.7CVSS6.5AI score0.0428EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.6 views

CVE-2025-52577

A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker ...

8.7CVSS6.4AI score0.005EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.8 views

CVE-2025-53397

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...

6.1CVSS0.00194EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.5 views

CVE-2025-52577

A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker ...

8.8CVSS0.005EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.5 views

CVE-2025-52459

A vulnerability exists in Advantech iView that allows for argument injection in NetworkServlet.backupDatabase. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters can be used directly in a command without proper sanitization, allowing arbitrary...

7.1CVSS0.00282EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.5 views

CVE-2025-53397

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...

6.1CVSS5.7AI score0.00194EPSS
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.1 views

CVE-2025-48891

A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading to information disclosure or a denial-of-service...

7.2CVSS5.8AI score
Exploits0References2
OSV
OSV
added 2025/07/11 12:15 a.m.4 views

CVE-2025-46704

A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest that could allow for a directory traversal attack. This issue requires an authenticated attacker with at least user-level privileges. A specific parameter is not properly sanitized or normalized, potentially allowing...

5.3CVSS5.9AI score0.03317EPSS
Exploits0References2
NVD
NVD
added 2025/07/11 12:15 a.m.8 views

CVE-2025-48891

A vulnerability exists in Advantech iView that could allow for SQL injection through the CUtils.checkSQLInjection function. This vulnerability can be exploited by an authenticated attacker with at least user-level privileges, potentially leading to information disclosure or a denial-of-service...

7.6CVSS0.00271EPSS
Exploits0References2
Rows per page
Query Builder