35 matches found
CVE-2024-2882
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...
EUVD-2020-17550
Malware in sbrugna...
EUVD-2020-17551
Malware in sbrugna...
CVE-2020-24842
PNPSCADA 2.200816204020 allows cross-site scripting XSS, which can execute arbitrary JavaScript in the victim's browser...
CVE-2024-2882
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...
CVE-2024-2882 Missing Authorization in SDG Technologies PnPSCADA
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...
CVE-2024-2882
CVE-2024-2882 affects SDG Technologies PnPSCADA (web-based SCADA HMI). Connected sources (CISA ICS advisory ICSA-24-179-02, Red Hat CVE page, NVD/NIST entries) confirm a missing authorization flaw (CWE-862) that allows a remote attacker to attach various entities without authenticating, potential...
SDG Technologies PnPSCADA
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : SDG Technologies Equipment : PnPSCADA Vulnerability : Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to attach various...
PnPSCADA 2.x SQL Injection
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Date: 15/5/2023 Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
PnPSCADA v2.x - Unauthenticated PostgreSQL Injection
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Date: 15/5/2023 Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Vulnerability
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
SDG PnPSCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerabilities: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to interact with the database and retrieve...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
Code injection
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
CVE-2023-1934 concerns SDG Technologies SDG PnPSCADA. The vulnerability is an unauthenticated, error-based PostgreSQL injection affecting the hitlogcsv.jsp endpoint, allowing remote attackers to read/modify data in the underlying database. Reported impact includes access to ICS/OT data and other ...
SDG Technologies PnPSCADA SQL注入漏洞
SDG Technologies PnPSCADA is an automated meter reading solution from SDG Technologies. SDG Technologies PnPSCADA suffers from a SQL injection vulnerability. An attacker exploiting this vulnerability could interact with the underlying database...
PT-2023-3021 · Postgresql · Postgresql
Name of the Vulnerable Software and Affected Versions: PnPSCADA affected versions not specified Description: The PnPSCADA system is affected by a critical unauthenticated error-based PostgreSQL Injection vulnerability. This security flaw is present within the "hitlogcsv.jsp" endpoint, allowing...