6 matches found
CVE-2020-7003
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is transmitted over some web applications in clear text...
Code injection
In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpress configuration utility, Version 2.3.0 or lower, sensitive information is stored in configuration files without encryption, which may allow an attacker to access an administrative account...
SQL Injection Vulnerability in 162100 Simple Forum System of Shenyang Huanggu District Ainong Network Technology Service Center (CNVD-2020-00002)
Huanggu District, Shenyang City, love thick network technology service center simple forum system is a forum website building system. Shenyang Huanggu District, Shenyang City, love thick network technology service center 162100 simple forum system there are SQL injection vulnerabilities, attacker...
Command Execution Vulnerability in Siemens PLC s7-300
S7-300 is one of the programmable logic controller PLC series products produced by Siemens AG of Germany. A command execution vulnerability exists in Siemens PLC s7-300, which can be exploited by an attacker to execute malicious commands and gain administrator privileges...
SQL injection vulnerability in 162100 Simplex Forum System of Shenyang Huanggu District Ainong Network Technology Service Center
Huanggu District, Shenyang City, love thick network technology service center simple forum system is a forum website building system. Shenyang Huanggu District, Shenyang City, love thick network technology service center 162100 simple forum system there are SQL injection vulnerabilities, attacker...
The vulnerability of the microprogrammed software of Moxa ioLogik 2542-HSPA remote input/output modules and the Moxa Ioxpress Configuration Utility, which involves storing critical information in the form of plain text, allows a perpetrator to intercept administrator credentials and other confidential information, thereby gaining access to the control system.
The vulnerability of the microprogrammed input/output module Moxa ioLogik 2542-HSPA and the Moxa Ioxpress Configuration Utility is related to the default use of the HTTP protocol during the implementation of the “Basic HTTP Authentication” method. Exploiting this vulnerability allows a malicious...