An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection.
CPE | Name | Operator | Version |
---|---|---|---|
iview | lt | 5.7.4.6752 |