6 matches found
CVE-2025-41442
A vulnerability exists in Advantech iView versions prior to 5.7.05 build7057, which could allow a reflected cross-site scripting (XSS) attack.By manipulating certain input parameters, an attacker could executeunauthorized scripts in the user's browser, potentially leading toinformation disclosure o...
CVE-2025-52577
A vulnerability exists in Advantech iView that could allow SQL injectionand remote code execution through NetworkServlet.archiveTrapRange().This issue requires an authenticated attacker with at least user-levelprivileges. Certain input parameters are not properly sanitized,allowing an attacker to p...
CVE-2025-53475
A vulnerability exists in Advantech iView that could allow for SQLinjection and remote code execution throughNetworkServlet.getNextTrapPage(). This issue requires an authenticatedattacker with at least user-level privileges. Certain parameters in thisfunction are not properly sanitized, allowing an...
CVE-2025-46704
A vulnerability exists in Advantech iView inNetworkServlet.processImportRequest() that could allow for a directorytraversal attack. This issue requires an authenticated attacker with atleast user-level privileges. A specific parameter is not properlysanitized or normalized, potentially allowing an ...
CVE-2025-48891
A vulnerability exists in Advantech iView that could allow for SQLinjection through the CUtils.checkSQLInjection() function. Thisvulnerability can be exploited by an authenticated attacker with atleast user-level privileges, potentially leading to informationdisclosure or a denial-of-service condit...
CVE-2025-53519
A vulnerability exists in Advantech iView versions prior to 5.7.05 build7057, which could allow a reflected cross-site scripting (XSS) attack.By manipulating specific parameters, an attacker could executeunauthorized scripts in the user's browser, potentially leading toinformation disclosure or oth...