CVE-2022-1607 Cross Site Scripting vulnerability in NE843 Pulsar Plus Controller

Cross-Site Request Forgery CSRF vulnerability in ABB Pulsar Plus System Controller NE843S, ABB Infinity DC Power Plant allows Cross Site Request Forgery.This issue affects Pulsar Plus System Controller NE843S : comcode 150042936; Infinity DC Power Plant: H5692448 G104 G842 G224L G630-4 G451C2 G46...

CVE-2022-1607

ABB Pulsar Plus System Controller NE843_S and ABB Infinity DC Power Plant (H5692448 variants) are affected by CSRF (CVE-2022-1607). The issue arises from vulnerable web interfaces allowing unauthorized state-changing actions via forged requests. Affected versions include NE843_S comcode 150042936...

Pulsar Plus System Controller 跨站请求伪造漏洞

The Pulsar Plus System Controller is the Pulsar Plus family of controllers. A security vulnerability exists in ABB Pulsar Plus System Controller version NE843S, which originates from ABB Infinity DC Power Plant allowing cross-site request forgery, affecting the following products and versions:...

PT-2023-3375 · Abb · Abb Infinity Dc Power Plant +1

Name of the Vulnerable Software and Affected Versions: ABB Pulsar Plus System Controller NE843 S version comcode 150042936 ABB Infinity DC Power Plant versions H5692448 G104, H5692448 G842, H5692448 G224L, H5692448 G630-4, H5692448 G451C2, H5692448 G4612 – comcode 150047415 Description: The issue...

PT-2022-26089 · F5 · F5Os-A +1

Name of the Vulnerable Software and Affected Versions: F5OS-A versions 1.x before 1.1.0 F5OS-C versions 1.x before 1.5.0 Description: The issue is related to excessive file permissions in F5OS, allowing an authenticated local attacker to execute a limited set of commands in a container and impact...

CVE-2022-28621

A remote disclosure of sensitive information vulnerability was discovered in HPE NonStop DSM/SCM version: T6031H03^ADP. HPE has provided a software update to resolve this vulnerability in HPE NonStop DSM/SCM...

Triconex Model 3009 MP 代码问题漏洞

The Swan Electric Triconex Model 3009 MP is a system controller from Swan Electric. A security vulnerability exists in the Triconex Model 3009 MP that arises from improper checking of abnormal or unusual conditions...

Triconex Model 3009 MP 代码问题漏洞

The Swan Electric Triconex Model 3009 MP is a system controller from Swan Electric. A security vulnerability exists in the Triconex Model 3009 MP that arises from improper checking of abnormal or unusual conditions...

Triconex Model 3009 MP 代码问题漏洞

The Swan Electric Triconex Model 3009 MP is a system controller from Swan Electric. A security vulnerability exists in the Triconex Model 3009 MP that arises from improper checking of abnormal or unusual conditions...

CVE-2020-10578

An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1...

Arbitrary file deletion

An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1...

CVE-2018-14969

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS...

CVE-2018-14972

An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS...

CVE-2014-2716

Ekahau B4 staff badge tag 5.7 with firmware 1.4.52, Real-Time Location System RTLS Controller 6.0.5-FINAL, and Activator 3 reuses the RC4 cipher stream, which makes it easier for remote attackers to obtain plaintext messages via an XOR operation on two ciphertexts...

Code injection

Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller SC, the system console, and possibly the host OS, and cause a denial of service shutdown or reboot, via spoofed IP packets...