Lucene search
K

3452 matches found

NVD
NVD
added 2026/05/22 5:16 p.m.24 views

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

6.1CVSS0.00256EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/05/22 2:18 p.m.100 views

Exploit for CVE-2026-36226

CVE-2026-36226: Advantech WebAccess/SCADA Create New Project U...

5.9AI score0.00256EPSS
Exploits1
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.13 views

Advantech WebAccess/SCADA 安全漏洞

Advantech WebAccess/SCADA is a SCADA software based on the browser architecture developed by Advantech China Research & Development. This software supports dynamic graphical displays and real-time data control, and provides functionality for remote control and management of automation devices. Th...

6.1CVSS5.7AI score0.00256EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/22 12:0 a.m.20 views

CVE-2026-36226

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

0.00256EPSS
Exploits1References1
NVD
NVD
added 2026/05/19 6:16 p.m.27 views

CVE-2026-8602

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

9.1CVSS0.00448EPSS
Exploits0References1
NVD
NVD
added 2026/05/19 6:16 p.m.26 views

CVE-2026-8603

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

9.8CVSS0.01317EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 5:8 p.m.20 views

CVE-2026-8605

CVE-2026-8605 affects ScadaBR 1.2.0 via a Use of Hard-Coded Credentials vulnerability that could let an attacker access the SCADA system as admin. The provided sources specify admin-level access without authentication, with CVSS 3.1 indicating a CRITICAL impact (score 9.8) and network access with...

9.8CVSS5.8AI score0.00387EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/19 5:8 p.m.13 views

CVE-2026-8605 Use of Hard-coded Credentials in ScadaBR

In ScadaBR version 1.2.0, a Use of Hard-Coded Credentials vulnerability could allow an attacker to access the SCADA system as admin...

5.1CVSS5.8AI score0.00387EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 5:5 p.m.20 views

CVE-2026-8604

CVE-2026-8604 concerns ScadaBR 1.2.0 and is described as a CSRF vulnerability that could allow an attacker to trigger any authenticated action via a victim’s session by convincing a logged-in user to visit a malicious page. The available sources confirm the affected software and the underlying is...

8.8CVSS5.8AI score0.00178EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/19 5:3 p.m.10 views

CVE-2026-8603

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

8.7CVSS5.9AI score0.01317EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/19 5:3 p.m.45 views

CVE-2026-8603 Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

8.7CVSS0.01317EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/19 5:3 p.m.29 views

EUVD-2026-30961

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

8.7CVSS5.9AI score0.01317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/19 5:3 p.m.9 views

CVE-2026-8603 Improper neutralization of special elements used in an OS command ('OS command injection') in ScadaBR

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

8.7CVSS5.9AI score0.01317EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 5:3 p.m.28 views

CVE-2026-8603

In ScadaBR 1.2.0, an OS command injection vulnerability could allow an attacker to execute commands as root on the SCADA system. The issue is described as a network‑level vulnerability with no user interaction required, and could impact confidentiality, integrity, and availability (all HIGH). The...

9.8CVSS5.9AI score0.01317EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/05/19 5:0 p.m.45 views

CVE-2026-8602 Missing authentication for critical function in ScadaBR

In ScadaBR version 1.2.0, a Missing Authentication for Critical Function vulnerability could allow an unauthenticated attacker to send a HTTP GET requests to the SCADA system and inject arbitrary sensor readings...

8.8CVSS0.00448EPSS
Exploits0References1
CVE
CVE
added 2026/05/19 5:0 p.m.35 views

CVE-2026-8602

CVE-2026-8602 affects ScadaBR 1.2.0, described as a Missing Authentication for Critical Function vulnerability that could allow an unauthenticated attacker to send HTTP GET requests to the SCADA system and inject arbitrary sensor readings. The connected documents provide concrete details: vulnera...

9.1CVSS5.9AI score0.00448EPSS
Exploits0References1Affected Software1
ICS
ICS
added 2026/05/19 6:0 a.m.25 views

ScadaBR

ADVISORY SUMMARY Successful exploitation of these vulnerabilities could allow an attacker to perform unauthenticated remote code execution. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Minimize network...

6.3AI score
Exploits0References13
Positive Technologies
Positive Technologies
added 2026/05/19 12:0 a.m.17 views

PT-2026-41989

In ScadaBR version 1.2.0, an OS Command Injection vulnerability could allow an attacker to execute commands as root on the SCADA system...

8.7CVSS5.9AI score0.01317EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.13 views

Sensorweb ScadaBR 访问控制错误漏洞

Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version 1.2.0 of Sensorweb ScadaBR contains an access control vulnerability. This vulnerability stems from the lack of authentication for...

9.1CVSS6AI score0.00448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.12 views

Sensorweb ScadaBR 跨站请求伪造漏洞

Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation for creating automated data acquisition and monitoring applications. Version 1.2.0 of Sensorweb ScadaBR contains a vulnerability related to cross-site request forgeing. This vulnerability arises when attackers...

8.8CVSS5.7AI score0.00178EPSS
Exploits0References1
Rows per page
Query Builder