CVE-2022-45086

CVE-2022-45086 affects Group Arge Energy and Control Systems Smartpower Web prior to version 23.01.01. The root cause is improper neutralization of user input during web page generation, enabling Cross-Site Scripting (XSS). The NVD reports a CVSSv3.1 base score of 5.4 (Media, Network attack vecto...

CVE-2022-45086 Cross-site Scripting in Smartpower Web

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

CVE-2022-45086 Cross-site Scripting in Smartpower Web

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting XSS. This issue affects Smartpower Web: before 23.01.01...

CVE-2022-45085 Server-Side Request Forgery in Smartpower Web

Server-Side Request Forgery SSRF vulnerability in Group Arge Energy and Control Systems Smartpower Web allows : Server Side Request Forgery. This issue affects Smartpower Web: before 23.01.01...

CVE-2022-45085 Server-Side Request Forgery in Smartpower Web

Server-Side Request Forgery SSRF vulnerability in Group Arge Energy and Control Systems Smartpower Web allows : Server Side Request Forgery. This issue affects Smartpower Web: before 23.01.01...

CVE-2022-45085

CVE-2022-45085 is a Server-Side Request Forgery (SSRF) vulnerability affecting Smartpower Web from Grup Arge Energy and Control Systems, with affected versions prior to 23.01.01. The issue is documented across multiple sources (NVD, Red Hat, PRION, CNNVD, CVE listings) as SSRF in Smartpower Web, ...

PT-2023-14600 · Unknown · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows an attacker to perform Cross-Site Scripting XSS...

PT-2023-14595 · Unknown · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue affects Smartpower Web, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation. This enables attackers to inject malicious scripts...

PT-2023-14599 · Unknown · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue is related to an Improper Input Validation vulnerability that allows SQL Injection in Smartpower Web. This vulnerability can be exploited due to the lack of proper validation of...

PT-2023-14594 · Group Arge Energy Control Systems · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue affects Group Arge Energy and Control Systems Smartpower Web, allowing Cross-Site Scripting XSS due to improper neutralization of input during web page generation...

PT-2023-14593 · Unknown · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue is related to a Server-Side Request Forgery SSRF vulnerability. This vulnerability allows for Server Side Request Forgery. Recommendations: For versions prior to 23.01.01, updat...

PT-2023-14597 · Unknown · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue is related to improper input validation, which allows SQL Injection in Smartpower Web. This can be exploited due to the lack of proper validation of user input. Recommendations:...

PT-2023-14596 · Unknown · Smartpower Web

Name of the Vulnerable Software and Affected Versions: Smartpower Web versions prior to 23.01.01 Description: The issue is related to Improper Input Validation, which allows PHP Local File Inclusion in Smartpower Web. This can potentially be exploited due to the lack of proper validation of user...

smartpower.co.in Cross Site Scripting vulnerability OBB-1367858

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...