8 matches found
Multiple Cross-Site Scripting Vulnerabilities in Nordex NC2
Nordex Control 2 is a web-based SCADA system for wind power stations. Multiple cross-site scripting vulnerabilities exist in the Nordex Control 2 NC2 SCADA 16 and earlier versions, Wind Farm Portal application. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTM...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6477
Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6477
Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
PT-2015-7264
Name of the Vulnerable Software and Affected Versions Nordex Control 2 NC2 SCADA versions 16 and earlier Description The issue concerns multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application. These vulnerabilities allow remote attackers to inject arbitrary web scrip...
Cross site scripting
Cross-site scripting XSS vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 NC2 SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter...
CVE-2014-5408 Nordex NC2 Cross-site Scripting
Cross-site scripting XSS vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 NC2 SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter...
CVE-2014-5408
CVE-2014-5408 is a reflected XSS in the Nordex NC2 Wind Farm Portal login script (username parameter) affecting NC2 v15 and earlier. The vulnerability, exploitable remotely, can cause a user’s browser to execute arbitrary script/HTML; OpenVAS notes the potential to read cookies during exploitatio...