Advantech WebAccess/SCADA ICSA-18-023-01 Directory Traversal and SQL Injection Vulnerabilities

Advantech WebAccess/SCADA is prone to a directory-traversal vulnerability and a SQL-injection vulnerability

A remote attacker could exploit these issues to access data, or exploit latent vulnerabilities in the underlying database or use directory-traversal characters ('../') to access arbitrary files that contain sensitive information.


 

Privacy Statement
Copyright 2010, SecurityFocus