5 matches found
Advantech WebAccess 7.1 SQL Injection
Advantech WebAccess version 7.1 proof of concept exploit that demonstrates a SQL injection vulnerability original discovered in 2014. ============================================================================================================================================= | Title : Advantech...
CVE-2014-0763
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/scada/advantechwebaccessdbvisitorsqli.rb 2025-02-06 03:13:41+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...
Advantech WebAccess < 7.2-2013.11.14 Multiple Vulnerabilities
Binary data scadaadvantechwebaccess7220131114.nbin...
Advantech WebAccess SQL Injection Information Disclosure (CVE-2014-0763)
Multiple vulnerabilities have been reported in Advantech WebAccess. A remote attacker can exploit these vulnerabilities by sending a specially crafted request to the affected server...
CVE-2014-0763
Summary of CVE-2014-0763 (Advantech WebAccess) : The vulnerability affects Advantech WebAccess (7.1 and earlier) in the DBVisitor.dll component exposed via SOAP interfaces, where SOAP injection enables SQL injection through the ChartThemeConfig/service vectors. This may allow an attacker to perfo...