18 matches found
EUVD-2023-56992
Malicious code in bioql PyPI...
EUVD-2022-42713
Malicious code in bioql PyPI...
CVE-2022-3323
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special columnvalue parameter in the setConfiguration action to bypass checks...
CVE-2023-52335
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2023-52335
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2023-52335
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2023-52335 Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2023-52335 Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exist...
CVE-2023-52335
CVE-2023-52335 affects Advantech iView’s ConfigurationServlet (listens on TCP port 8080). The flaw arises when parsing the column_value element, where user-supplied data is used to construct SQL queries without proper validation, enabling SQL injection and information disclosure of credentials. D...
Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ConfigurationServlet servlet, which listens on TCP port 8080 by default. Whe...
PT-2024-14531 · Advantech · Advantech Iview
Name of the Vulnerable Software and Affected Versions: Advantech iView affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this issue. The specific...
Advantech iView ConfigurationServlet SQLi (CVE-2022-3323)
Binary data scadaadvantechiviewcve-2022-3323.nbin...
Advantech iView SQL Injection Vulnerability
Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B+B SmartWorx devices. An SQL injection vulnerability exists in Advantech iView version 5.7.04.6469, which stems from a flaw in its ConfigurationServlet endpoint that can be exploited by an attacker t...
CVE-2022-3323
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special columnvalue parameter in the setConfiguration action to bypass checks...
CVE-2022-3323
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special columnvalue parameter in the setConfiguration action to bypass checks...
Sql injection
An SQL injection vulnerability in Advantech iView 5.7.04.6469. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can craft a special columnvalue parameter in the setConfiguration action to bypass checks...
PT-2022-6141 · Advantech · Advantech Iview
Name of the Vulnerable Software and Affected Versions: Advantech iView version 5.7.04.6469 Description: The issue is related to an SQL injection vulnerability. It exists within the "ConfigurationServlet" endpoint, which listens on TCP port 8080 by default. An unauthenticated remote attacker can...
Advantech iView setConfiguration column_value SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech iView. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ConfigurationServlet endpoint, which listens on TCP port 8080 by default. Wh...