CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Nuclei•added yesterday•24 views

CirCarLife Scada <4.3 - System Log Exposure

CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. CirCarLife is an internet-connected electric vehicle charging station. id: CVE-2018-12634 info: name: CirCarLife Scada 4.3 - System Log...

9.8CVSS7.3AI score0.92448EPSS

Nuclei•added yesterday•43 views

Nordex NC2 - Cross-Site Scripting

Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. id:...

6.1CVSS6AI score0.19026EPSS

Exploits1References4

Nuclei•added yesterday•13 views

CirCarLife <4.3 - Improper Authentication

CirCarLife before 4.3 is susceptible to improper authentication. A PLC status disclosure exists due to lack of authentication for /html/devstat.html. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16670 info: name: CirCarLife 4.3 -...

5.3CVSS6.4AI score0.45583EPSS

Nuclei•added 2 days ago•19 views

CirCarLife <4.3 - Improper Authentication

CirCarLife before 4.3 is susceptible to improper authentication. An internal installation path disclosure exists due to the lack of authentication for /html/repository.System. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2018-16668 inf...

5.3CVSS6.8AI score0.52182EPSS

NVD•added 6 days ago•7 views

CVE-2026-10057

ITS Intelligent SCADA System developed by ITP Technology has a Stored Cross-Site Scripting vulnerability, allowing privileged remote attackers to inject persistent JavaScript codes that are executed in users' browsers upon page load...

4.8CVSS0.00033EPSS

EUVD•added 6 days ago•9 views

EUVD-2026-33268

Cvelist•added 6 days ago•30 views

CVE-2026-10058 ITP Technology｜ITS Intelligent SCADA System - Stored Cross-Site Scripting

4.8CVSS0.00033EPSS

CVE•added 6 days ago•9 views

CVE-2026-10058

The CVE-2026-10058 entry concerns ITS Intelligent SCADA System by ITP Technology and describes a Stored Cross-Site Scripting vulnerability that allows privileged remote attackers to inject JavaScript executed in users’ browsers on page load. Documents confirm the affected product, vulnerability t...

Vulnrichment•added 6 days ago•6 views

CVE-2026-10058 ITP Technology｜ITS Intelligent SCADA System - Stored Cross-Site Scripting

CVE•added 6 days ago•6 views

CVE-2026-10057

CVE-2026-10057 affects the ITS Intelligent SCADA System from ITP Technology. The vulnerability is a Stored Cross-Site Scripting (XSS) issue that lets privileged remote attackers inject persistent JavaScript that runs in users’ browsers when a page loads. The available documents confirm the affect...

Positive Technologies•added 6 days ago•7 views

PT-2026-44764

Cvelist•added last week•26 views

Exploits0References3

CVE-2026-9646 ScadaBR Unauthenticated Reflected Cross-Site Scripting

A reflected cross-site scripting issue exists in URL handling...

6.1CVSS0.00031EPSS

Vulnrichment•added last week•7 views

CVE-2026-9645 ScadaBR Authenticated Remote Code Execution

Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system compromise as commands are executed as root...

9.9CVSS6.2AI score0.00053EPSS

NVD•added 2026/05/22 5:16 p.m.•6 views

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

6.1CVSS0.00039EPSS

Exploits1References1

GithubExploit•added 2026/05/22 2:18 p.m.•39 views

Exploit for CVE-2026-36226

CVE-2026-36226: Advantech WebAccess/SCADA Create New Project U...

5.9AI score0.00039EPSS

Exploits1

Cvelist•added 2026/05/22 12:0 a.m.•2 views

CVE-2026-36226

0.00039EPSS

Exploits1References1

CNNVD•added 2026/05/22 12:0 a.m.•4 views

Advantech WebAccess/SCADA 安全漏洞

Advantech WebAccess/SCADA is a SCADA software based on the browser architecture developed by Advantech China Research & Development. This software supports dynamic graphical displays and real-time data control, and provides functionality for remote control and management of automation devices. Th...

6.1CVSS5.7AI score0.00039EPSS

Exploits1References1

NVD•added 2026/05/19 6:16 p.m.•8 views

CVE-2026-8602

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

9.1CVSS0.0007EPSS

NVD•added 2026/05/19 6:16 p.m.•11 views

CVE-2026-8603

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

9.8CVSS0.00345EPSS