CVE-2022-2136 HIGH

CVE-2022-2136: Advantech iView

Vendor Advantech Iview

Product iView

Weakness CWE-89 · SQLi

Published July 22, 2022

Last update April 16, 2025

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

The affected product is vulnerable to multiple SQL injections that require low privileges for exploitation and may allow an unauthorized attacker to disclose information.

Key dates

02Disclosure timeline

July 22, 2022 CVE published

April 16, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-2136 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2025-9302 PHPGurukul User Management System signup.php sql injection CVE-2024-53817 WordPress Acowebs Product Labels For Woocommerce plugin <= 1.5.8 - SQL Injection vulnerability CVE-2022-29410 WordPress Hermit 音乐播放器 plugin <= 3.1.6 - Authenticated SQL Injection (SQLi) vulnerability CVE-2023-2366 SourceCodester Faculty Evaluation System sql injection CVE-2025-32204 WordPress Split Test For Elementor Plugin <= 1.8.3 - SQL Injection vulnerability