CVE-2014-0763

CVE-2014-0763: Advantech WebAccess SQL Injection

Vendor Advantech

Product WebAccess

Weakness CWE-89 · SQLi

Published April 12, 2014

Last update September 19, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An attacker using SQL injection may use arguments to construct queries without proper sanitization. The DBVisitor.dll is exposed through SOAP interfaces, and the exposed functions are vulnerable to SOAP injection. This may allow unexpected SQL action and access to records in the table of the software database or execution of arbitrary code.

Key dates

02Disclosure timeline

April 12, 2014 CVE published

September 19, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2014-0763 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2023-25197 apache fineract: SQL injection vulnerability in certain procedure calls CVE-2025-31466 WordPress Duplicate Page and Post plugin <= 1.0 - SQL Injection Vulnerability CVE-2025-11024 SQLi in Akıllı Ticaret's E-Commerce Pack CVE-2025-4758 PHPGurukul Beauty Parlour Management System contact.php sql injection CVE-2023-3880 Campcodes Beauty Salon Management System del_service.php sql injection