What the vulnerability does

01Description

Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vulnerable to the use of an attacker-controlled string in the construction of SQL queries. An attacker could extract user credentials, read or modify information, and remotely execute code.

Key dates

02Disclosure timeline

July 15, 2020 CVE published
August 4, 2024 Record updated