Lucene search
K

34 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:35 a.m.21 views

CVE-2021-41542

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The User Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code whi...

6.1CVSS6.2AI score0.00553EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:0 a.m.8 views

CVE-2020-7574

A vulnerability has been identified in Climatix POL908 BACnet/IP module All versions, Climatix POL909 AWM module All versions V11.32. A persistent cross-site scripting XSS vulnerability exists in the "Server Config" web interface of the affected devices that could allow an attacker to inject...

6.1CVSS5.9AI score0.00645EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.11 views

CVE-2020-7575

A vulnerability has been identified in Climatix POL908 BACnet/IP module All versions, Climatix POL909 AWM module All versions V11.32. A persistent cross-site scripting XSS vulnerability exists in the web server access log page of the affected devices that could allow an attacker to inject arbitra...

6.1CVSS5.9AI score0.00645EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-28561

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00735EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.20 views

EUVD-2021-28560

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00553EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-28559

Malicious code in bioql PyPI...

6.1CVSS6.4AI score0.00553EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.21 views

EUVD-2021-27544

Malicious code in bioql PyPI...

7.4CVSS7.5AI score0.00408EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:9 p.m.7 views

CVE-2021-41541

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The Group Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code...

6.1CVSS6.2AI score0.00553EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/03/08 12:15 p.m.2 views

CVE-2021-41542

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The User Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code whi...

6.1CVSS6.2AI score0.00553EPSS
Exploits0References2
NVD
NVD
added 2022/03/08 12:15 p.m.29 views

CVE-2021-41541

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The Group Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code...

6.1CVSS0.00553EPSS
Exploits0References1
OSV
OSV
added 2022/03/08 12:15 p.m.6 views

CVE-2021-41543

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access...

6.5CVSS6.5AI score0.00735EPSS
Exploits0References1
OSV
OSV
added 2022/03/08 12:15 p.m.3 views

CVE-2021-41541

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The Group Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code...

6.1CVSS6.2AI score0.00553EPSS
Exploits0References1
NVD
NVD
added 2022/03/08 12:15 p.m.58 views

CVE-2021-41542

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The User Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code whi...

6.1CVSS0.00553EPSS
Exploits0References1
Prion
Prion
added 2022/03/08 12:15 p.m.13 views

Information disclosure

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The handling of log files in the web application of affected devices contains an information disclosure vulnerability which could allow logged in users to access...

4CVSS6.1AI score0.00735EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2022/03/08 12:15 p.m.17 views

Cross site scripting

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The User Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code whi...

4.3CVSS5.9AI score0.00553EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/03/08 11:31 a.m.96 views

CVE-2021-41543

The CVE-2021-41543 vulnerability affects Siemens Climatix POL909 (AWB and AWM modules). It is an information disclosure in the web application’s handling of log files, allowing logged-in users to access sensitive files. Affected products: POL909 AWB and POL909 AWM modules; versions prior to 11.34...

6.5CVSS6.1AI score0.00735EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/03/08 11:31 a.m.33 views

CVE-2021-41541

A vulnerability has been identified in Climatix POL909 AWB module All versions V11.44, Climatix POL909 AWM module All versions V11.36. The Group Management page of affected devices is vulnerable to cross-site scripting XSS. The vulnerability allows an attacker to send malicious JavaScript code...

6.2AI score0.00553EPSS
Exploits0References1
CVE
CVE
added 2022/03/08 11:31 a.m.115 views

CVE-2021-41541

CVE-2021-41541 affects Siemens Climatix POL909: AWB and AWM web modules. The Group Management page is vulnerable to cross-site scripting (XSS) on all versions prior to V11.44 (AWB) and V11.36 (AWM). Exploitation could allow an attacker to inject JavaScript to hijack cookies/session tokens, redire...

6.1CVSS5.9AI score0.00553EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2022/03/08 12:0 a.m.5 views

Climatix POL909跨站脚本漏洞

Siemens Climatix AWB Advanced Web and BACnet Module, POL909 enables users of the Climatix 600 solution to connect to a BACnet IP network and to implement and load customer web pages and features.Siemens Climatix AWM Advanced Web Module, POL909 enables users of the Climatix 600 solution to impleme...

6.1CVSS5.3AI score0.00553EPSS
Exploits0References5
ICS
ICS
added 2022/03/08 12:0 a.m.80 views

Siemens Climatix POL909

1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: Climatix POL909 AWB and AWM modules Vulnerabilities: Cross-site Scripting, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...

6.5CVSS7AI score0.00735EPSS
Exploits0References11
Rows per page
Query Builder