Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown...
8.8CVSS
7.6AI Score
0.002EPSS
Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.5 allows remote attackers to inject arbitrary web script or HTML via unspecified...
5.8AI Score
0.001EPSS
Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack...
7.4AI Score
0.015EPSS
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that...
7.4AI Score
0.003EPSS
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system...
7.8AI Score
0.002EPSS