CVE |
Vendors |
Products |
Updated |
CVSS |
CVE-2018-10591 |
1 Advantech |
3 Webaccess, Webaccess%2fnms, Webaccess Dashboard |
2019-10-09 |
2.6 |
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation... |
CVE-2018-15707 |
1 Advantech |
1 Webaccess |
2018-12-12 |
3.5 |
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things. |
CVE-2016-4525 |
1 Advantech |
1 Webaccess |
2016-06-28 |
3.3 |
Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAFE_FOR_UNTRUSTED_CALLER (aka safe for scripting) flag. |
CVE-2015-3948 |
1 Advantech |
1 Webaccess |
2016-01-20 |
3.5 |
Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |
CVE-2013-2299 |
1 Advantech |
1 Advantech Webaccess |
2013-08-23 |
3.5 |
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess) before 7.1 2013.05.30 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. |