Lucene search
K

449 matches found

BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.8 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00194EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.6 views

The vulnerability of the CUtils.checkSQLInjection() function in the centralized device and port management system of Advantech iView allows a attacker to disclose sensitive information or cause service failures.

The vulnerability of the CUtils.checkSQLInjection function in the centralized device and port management system of Advantech iView is related to the lack of protective measures for SQL query structures. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause...

8CVSS5.5AI score0.00271EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.9 views

The vulnerability of the centralized control system for network devices and ports of Advantech iView, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.

The vulnerability of the centralized control system for network devices and ports of Advantech iView is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...

6.4CVSS5.4AI score0.00194EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2025/07/24 12:0 a.m.9 views

The vulnerability of the NetworkServlet.processImportRequest() function in the system for centrally managing network devices and ports of the Advantech iView platform allows a hacker to disclose protected information.

The vulnerability of the NetworkServlet.processImportRequest function in the system for centrally managing network devices and ports of the Advantech iView platform is related to an incorrect restriction on the path to the restricted directory. Exploiting this vulnerability could allow a maliciou...

4.3CVSS5.5AI score0.03317EPSS
Exploits0References3
CNVD
CNVD
added 2025/07/18 12:0 a.m.4 views

Advantech iView Cross-Site Scripting Vulnerability (CNVD-2025-17826)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...

6.1CVSS5.9AI score0.00194EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.2 views

Advantech iView NetworkServlet.archiveTrap Function SQL Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView NetworkServlet.archiveTrap function. An attacker can exploit this vulnerability to perform SQL injection and execu...

8.8CVSS8.3AI score0.005EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.2 views

Advantech iView CUtils.checkSQLInjection Function SQL Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in the Advantech iView CUtils.checkSQLInjection function, which can be exploited by an attacker to cause an information disclosure or...

7.6CVSS7.5AI score0.00271EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.2 views

Advantech iView NetworkServlet.backupDatabase Function Parameter Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. The Advantech iView NetworkServlet.backupDatabase function parameter injection vulnerability can be exploited by an attacker to cause information disclosure, including sensiti...

7.1CVSS7.1AI score0.00282EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.4 views

Advantech iView Cross-Site Scripting Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...

5.4CVSS5.9AI score0.00194EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/18 12:0 a.m.2 views

Advantech iView Cross-Site Scripting Vulnerability (CNVD-2025-17827)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A cross-site scripting vulnerability exists in Advantech iView due to improper validation of user-supplied input. An attacker could use this vulnerability to execute...

5.4CVSS5.9AI score0.00194EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/15 12:0 a.m.2 views

Advantech iView SQL Injection Vulnerability (CNVD-2025-17830)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. An SQL injection vulnerability exists in Advantech iView, which can be exploited by an attacker to perform SQL injection and execute code in the context of the 'nt...

8.8CVSS8.3AI score0.005EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/15 12:0 a.m.2 views

Advantech iView Parameter Injection Vulnerability

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A parameter injection vulnerability exists in Advantech iView, which originates from parameter injection in the NetworkServlet.restoreDatabase function and can be exploited by...

7.1CVSS7.1AI score0.00286EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/15 12:0 a.m.5 views

Advantech iView path traversal vulnerability (CNVD-2025-17831)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. A path traversal vulnerability exists in Advantech iView due to an error in NetworkServlet.processImportRequest. error in NetworkServlet.processImportRequest. An attacker coul...

5.3CVSS6.8AI score0.03317EPSS
Exploits0References1
CNVD
CNVD
added 2025/07/15 12:0 a.m.6 views

Advantech iView SQL Injection Vulnerability (CNVD-2025-17828)

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. The Advantech iView suffers from an SQL injection vulnerability that originates from improper parameter cleanup in the NetworkServlet.getNextTrapPage function, which can be...

8.8CVSS8.3AI score0.0428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 12:40 a.m.14 views

CVE-2025-52459

A vulnerability exists in Advantech iView that allows for argument injection in NetworkServlet.backupDatabase. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters can be used directly in a command without proper sanitization, allowing arbitrary...

7.1CVSS7.1AI score0.00282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 12:39 a.m.10 views

CVE-2025-52577

A vulnerability exists in Advantech iView that could allow SQL injection and remote code execution through NetworkServlet.archiveTrapRange. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not properly sanitized, allowing an attacker ...

8.8CVSS8.9AI score0.005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 12:39 a.m.12 views

CVE-2025-53515

A vulnerability exists in Advantech iView that allows for SQL injection and remote code execution through NetworkServlet.archiveTrap. This issue requires an authenticated attacker with at least user-level privileges. Certain input parameters are not sanitized, allowing an attacker to perform SQL...

8.8CVSS8.9AI score0.005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 12:39 a.m.11 views

CVE-2025-53509

A vulnerability exists in Advantech iView that allows for argument injection in the NetworkServlet.restoreDatabase. This issue requires an authenticated attacker with at least user-level privileges. An input parameter can be used directly in a command without proper sanitization, allowing arbitra...

7.1CVSS7.1AI score0.00286EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/13 12:39 a.m.10 views

CVE-2025-53475

A vulnerability exists in Advantech iView that could allow for SQL injection and remote code execution through NetworkServlet.getNextTrapPage. This issue requires an authenticated attacker with at least user-level privileges. Certain parameters in this function are not properly sanitized, allowin...

8.8CVSS8.9AI score0.0428EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/12 11:22 p.m.5 views

CVE-2025-53397

A vulnerability exists in Advantech iView versions prior to 5.7.05 build 7057, which could allow a reflected cross-site scripting XSS attack. By exploiting this flaw, an attacker could execute unauthorized scripts in the user's browser, potentially leading to information disclosure or other...

6.1CVSS6.1AI score0.00194EPSS
Exploits0References1
Rows per page
Query Builder