8 matches found
CVE-2020-7572
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial of service, server...
EUVD-2020-28695
Malware in sbrugna...
EUVD-2020-28696
Malware in sbrugna...
CVE-2020-7570
A CWE-79 Improper Neutralization of Input During Web Page Generation Cross-site Scripting Stored vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect...
CVE-2020-7571
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation Cross-site Scripting Reflected vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of use...
CVE-2020-7571
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation Cross-site Scripting Reflected vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of use...
Schneider Electric EcoStruxure Building Operation WebReports 代码问题漏洞
EcoStruxure Building Operation WebReports is a web application for creating, viewing and managing reports. An improperly restricted XML external entity reference vulnerability exists in EcoStruxure Building Operation WebReports 1.9 - 3.1. The vulnerability stems from a misconfiguration of the XML...
Schneider Electric EcoStruxure Building Operation WebReports 代码问题漏洞
Schneider Electric EcoStruxure Building Operation WebReports is a web application for creating, viewing and managing reports. An arbitrary file upload vulnerability exists in Schneider Electric EcoStruxure Building Operation WebReports 1.9-3.1. The vulnerability stems from improper validation of...