CVE-2014-0763

N/A Unknown
Published: April 12, 2014 Modified: May 06, 2026
View on NVD

Description

An attacker using SQL injection may use arguments to construct queries without proper sanitization. The DBVisitor.dll is exposed through SOAP interfaces, and the exposed functions are vulnerable to SOAP injection. This may allow unexpected SQL action and access to records in the table of the software database or execution of arbitrary code.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://webaccess.advantech.com/
Source: ics-cert@hq.dhs.gov
http://www.securityfocus.com/bid/66740
Source: ics-cert@hq.dhs.gov
https://www.cisa.gov/news-events/ics-advisories/icsa-14-079-03
Source: ics-cert@hq.dhs.gov
http://ics-cert.us-cert.gov/advisories/ICSA-14-079-03
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.securityfocus.com/bid/66740
Source: af854a3a-2127-422b-91ae-364da2661108

5 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
57.9%
98th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-89 CWE-89

Affected Vendors

advantech

Related CVEs

CVE-2026-8696 7.5
CVE-2026-45672 8.8
CVE-2026-45402 8.1
CVE-2026-45401 8.5
CVE-2026-45400 8.5