Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2021-21192

Malware in sbrugna...

6.1CVSS6.3AI score0.00867EPSS
Exploits1References3
OSV
OSVadded 2021/06/11 12:15 p.m.3 views

CVE-2021-34540

Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard...

6.1CVSS5.8AI score0.00867EPSS
Exploits1References2
Prion
Prionadded 2021/06/11 12:15 p.m.16 views

Cross site scripting

Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard...

4.3CVSS6AI score0.00867EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2021/06/11 11:26 a.m.43 views

CVE-2021-34540

Affected software: Advantech WebAccess 8.4.2 and 8.4.4. Vulnerability: Cross-site scripting (XSS) via the username field on the bwRoot.asp page of the WADashboard. Root cause/condition: reflected/injected XSS context is implied by the description, but explicit technical details about the root cau...

6.1CVSS6AI score0.00867EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2021/06/11 12:0 a.m.5 views

Advantech WebAccess 跨站脚本漏洞

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech, Taiwan, China. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A security vulnerability exists in Advantec...

6.1CVSS5.7AI score0.00867EPSS
Exploits1References3
OSV
OSVadded 2021/02/23 5:15 p.m.4 views

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

8.8CVSS7.4AI score0.01509EPSS
Exploits0References1
NVD
NVDadded 2021/02/23 5:15 p.m.10 views

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

8.8CVSS0.01509EPSS
Exploits0References1
Prion
Prionadded 2021/02/23 5:15 p.m.15 views

Path traversal

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

6.5CVSS8.7AI score0.01509EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2021/02/23 4:14 p.m.22 views

CVE-2020-25161

The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator...

8.8AI score0.01509EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2020/10/19 12:0 a.m.40 views

Advantech WebAccess/SCADA WADashboard External Control of File Path Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Advantech WebAccess/SCADA. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the WADashboard...

8.8CVSS2.1AI score0.01509EPSS
Exploits0References1
BDU FSTEC
BDU FSTECadded 2019/10/29 12:0 a.m.4 views

The numerous vulnerabilities in the API interface of the WADashboard component of the Advantech WebAccess software allow a perpetrator to write or overwrite any files in the file system.

The multiple vulnerabilities of the API interface of the WADashboard component in the Advantech WebAccess remote monitoring software are related to deficiencies in path validation before its use in file operations. Exploiting these vulnerabilities could allow a malicious actor to read arbitrary...

6.8CVSS5.7AI score0.32367EPSS
Exploits1References3Affected Software1
CNVD
CNVDadded 2018/11/02 12:0 a.m.2 views

Advantech WebAccess WADashboard API 'readFile' Method Path Traversal Vulnerability

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech. The software supports dynamic graphical displays and real-time data control, and provides remote control and management of automation devices.WADashboard API is one of the dashboard API components. A...

6.8CVSS6.6AI score0.32367EPSS
Exploits1References1
CNVD
CNVDadded 2018/11/02 12:0 a.m.3 views

Advantech WebAccess WADashboard API Path Traversal Vulnerability

Advantech WebAccess is a set of HMI/SCADA software based on browser architecture from Advantech. The software supports dynamic graphical displays and real-time data control, and provides remote control and management of automation devices.WADashboard API is one of the dashboard API components. A...

8.5CVSS6.8AI score0.12236EPSS
Exploits5References1
Prion
Prionadded 2018/10/31 10:29 p.m.14 views

Directory traversal

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

6.8CVSS6.2AI score0.32367EPSS
Exploits1References1Affected Software1
OSV
OSVadded 2018/10/31 10:29 p.m.3 views

CVE-2018-15706

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

6.5CVSS5.8AI score0.32367EPSS
Exploits1References1
NVD
NVDadded 2018/10/31 10:29 p.m.13 views

CVE-2018-15706

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

6.8CVSS6.2AI score0.32367EPSS
Exploits1References1
OSV
OSVadded 2018/10/31 10:29 p.m.3 views

CVE-2018-15705

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code...

6.5CVSS6.1AI score0.12236EPSS
Exploits5References2
Cvelist
Cvelistadded 2018/10/31 10:0 p.m.22 views

CVE-2018-15706

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API...

6.2AI score0.32367EPSS
Exploits1References1
Cvelist
Cvelistadded 2018/10/31 10:0 p.m.28 views

CVE-2018-15705

WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFile API. An attacker can use this vulnerability to remotely execute arbitrary code...

6.5AI score0.12236EPSS
Exploits5References2
Rows per page
Query Builder