Lucene search
CertccCVELIST:CVE-2012-2596HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-2596
2022-10-0316:15:37
certcc
www.cve.org
siemens wincc xpath xml injection
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to read or modify settings via a crafted URL, related to an “XML injection” attack.
Related
cve
cve
CVE-2012-2596
2022-10-03 16:15:37
nvd
nvd
CVE-2012-2596
2012-06-08 18:55:02
ptsecurity
ptsecurity
PT-2012-08: XPath Injection in WinCC (SCADA)
2012-06-20 00:00:00
prion
prion
Xxe
2012-06-08 18:55:00
ics
ics
Siemens WinCC Multiple Vulnerabilities
2014-01-30 12:00:00