118 matches found
PT-2021-6930 · Elcomplus · Elcomplus Smartptt
Name of the Vulnerable Software and Affected Versions: Elcomplus SmartPTT affected versions not specified Description: The issue is related to authorization errors in the Elcomplus SmartPTT scada-server, allowing a low-authenticated user to access higher-level administration authorization. This c...
CVE-2020-6970
A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 if Modbus or ROC Interfaces have been installed and are in use and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server...
Heap overflow
A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 if Modbus or ROC Interfaces have been installed and are in use and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server...
CVE-2020-6970
The CVE-2020-6970 issue affects Emerson OpenEnterprise SCADA Server: OpenEnterprise Server 2.83 (with Modbus or ROC Interfaces in use) and OpenEnterprise 3.1–3.3.3. It is a heap-based buffer overflow enabling a specially crafted script to execute code on the OpenEnterprise Server. Mitigation per ...
Emerson OpenEnterprise
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Emerson Equipment: OpenEnterprise SCADA Server Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code on an OpenEnterprise SCADA...
Certec EDV atvise SCADA server 2.5.9 Privilege Escalation Vulnerability
Summary atvise scada is based on newest technologies and standards: The visualization in pure web technology as well as a consistent vertical object orientation based on OPC UA changes the world of process management systems. Description The application suffers from an unquoted search path issue...
Ecava IntegraXor SCADA Server权限访问漏洞
No description provided by source...
CVE-2015-0990
Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory...
Design/Logic Flaw
Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory...
CVE-2015-0990
Affected product: Ecava IntegraXor SCADA Server prior to version 4.2.4488. Issue: Untrusted search path (CWE-427) allows a local attacker to escalate privileges by placing a renamed DLL in the default install directory; the DLL is loaded by the application, executing code with the application’s p...
CVE-2014-2376
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Code injection
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag...
CVE-2014-2376 Ecava IntegraXor SCADA Server SQL Injection
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-2376
CVE-2014-2376 refers to an SQL injection vulnerability in Ecava IntegraXor SCADA Server, affecting stable 4.1.4360 and earlier and beta 4.1.4392 and earlier. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors, enabling potential reading/modifying of files ...
CVE-2014-2377
The CVE-2014-2377 entry affects Ecava IntegraXor SCADA Server versions 4.1.4360 and earlier (stable) and 4.1.4392 and earlier (beta), where built-in application tags can disclose full pathnames via environmental variables, enabling information exposure. Affected component: IntegraXor SCADA Server...
CVE-2014-2375 Ecava IntegraXor SCADA Server External Control of File Name or Path
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to read or write to arbitrary files, and obtain sensitive information or cause a denial of service disk consumption, via the CSV export feature...
CVE-2014-2377 Ecava IntegraXor SCADA Server Information Exposure Through Environmental Variables
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows remote attackers to discover full pathnames via an application tag...
Vulnerability Fixed in Subnet Solutions SCADA Server
A hole has been fixed in a popular industrial control system data management server that if left unpatched, could result in a remotely exploitable denial of service condition. Subnet Solutions, Inc., a Canadian manufacturer of electric utility products, fixed the vulnerability – along with anothe...
RealWin SCADA Server DATAC Login Buffer Overflow
No description provided by source. $Id: realwinonfcslogin.rb 13007 2011-06-22 22:36:55Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...