Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction of SQL queries. An attacker could extract user credentials, read or modify information, and remotely execute code.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2020-07-15T01:50:54
Updated: 2020-07-16T17:06:49
Reserved: 2020-06-19T00:00:00
Link: CVE-2020-14497
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-07-15T02:15:12.547
Modified: 2020-07-21T20:34:07.950
Link: CVE-2020-14497
JSON object: View
Redhat Information
No data.
CWE