CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

RedhatCVE•added 2026/01/09 11:23 a.m.•4 views

CVE-2021-31682

The login portal for the Automated Logic WebCTRL/WebCTRL OEM web application contains a vulnerability that allows for reflected XSS attacks due to the operatorlocale GET parameter not being sanitized. This issue impacts versions 6.5 and below. This issue works by passing in a basic XSS payload to...

6.1CVSS6.2AI score0.4107EPSS

Exploits4References1

Packet Storm•added 2021/10/29 12:0 a.m.•581 views

WebCTRL OEM 6.5 Cross Site Scripting

Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Date: 4/07/2021 Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the...

4.3CVSS0.1AI score0.4107EPSS

Exploits4

0day.today•added 2021/10/29 12:0 a.m.•542 views

WebCTRL OEM 6.5 - (locale) Reflected Cross-Site Scripting Vulnerability

Exploit Title: WebCTRL OEM 6.5 - 'locale' Reflected Cross-Site Scripting XSS Exploit Author: 3ndG4me Vendor Homepage: https://www.automatedlogic.com/en/products/webctrl-building-automation-system/ Version: 6.5 and Below CVE : CVE-2021-31682 --Summary-- The login portal for the Automated Logic...

6.1CVSS0.2AI score0.4107EPSS

Exploits4