14 matches found
EUVD-2015-6416
Malware in sbrugna...
EUVD-2015-6415
Malware in sbrugna...
IBC Solar ServeMaster Cross-Site Scripting Vulnerability
ServeMaster TLP+ and Danfoss TLX Pro+ are web-based SCADA systems. A cross-site scripting vulnerability exists in ServeMaster TLP+ and Danfoss TLX Pro+. An attacker could exploit this vulnerability to perform XSS attacks...
IBC Solar ServeMaster Source Code Vulnerability
ServeMaster TLP+ and Danfoss TLX Pro+ are web-based SCADA systems. A source code vulnerability exists in IBC Solar ServeMaster. An attacker could exploit this vulnerability to obtain source code for executable scripts...
IBC Solar ServeMaster Plain Text Password Vulnerability
ServeMaster TLP+ and Danfoss TLX Pro+ are web-based SCADA systems. A plain text password vulnerability exists in ServeMaster TLP+ and Danfoss TLX Pro+. An attacker can exploit this vulnerability to obtain a plain text password by viewing the web page source code...
CVE-2015-6475
Multiple cross-site scripting XSS vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6474
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code...
Code injection
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
CVE-2015-6475
Multiple cross-site scripting XSS vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6474
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code...
CVE-2015-6469
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
CVE-2015-6474
The CVE-2015-6474 entry concerns IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ where an attacker can discover cleartext passwords by viewing the HTML source of web pages. Affected products are web-based SCADA systems; the root cause is improper handling/storage of credentials leading to exposur...
CVE-2015-6469
CVE-2015-6469 affects IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ where an interpreter misconfiguration allows remote disclosure of executable script source code. Affected products are web-based SCADA systems; attacker could obtain source code via unspecified vectors. ICS-CERT reports no patc...
CVE-2015-6475
CVE-2015-6475 involves multiple cross-site scripting (XSS) vulnerabilities in the web-based SCADA products served by IBC Solar: ServeMaster TLP+ and Danfoss TLX Pro+. The public records describe XSS as the underlying issue enabling an attacker to inject arbitrary web script or HTML via unspecifie...