32 matches found
CVE-2020-7482
A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could cause a Reflective Cross-site Scripting XSS attack when using the products' web server...
EUVD-2020-28607
Malware in sbrugna...
EUVD-2020-28605
Malware in sbrugna...
EUVD-2020-28606
Malware in sbrugna...
EUVD-2019-16407
Malware in sbrugna...
CVE-2020-7480
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists in Andover Continuum All versions, which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data...
CVE-2020-7481
A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could enable a successful Cross-site Scripting XSS attack when using the products' web server...
CVE-2019-6853
A CWE-79: Failure to Preserve Web Page Structure vulnerability exists in Andover Continuum models 9680, 5740 and 5720, bCX4040, bCX9640, 9900, 9940, 9924 and 9702 , which could enable a successful Cross-site Scripting XSS attack when using the products web server...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) in Andover Continuum arises from the lack of measures to protect input data. This allows intruders to perform cross-site scripting attacks (XSS).
The vulnerability of the building management software management of access control, security systems, video surveillance, and automation in Andover Continuum is related to the lack of measures for cleaning input data. Exploiting this vulnerability could allow a remote attacker to perform cross-si...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the lack of protection for website structures, allows attackers to execute cross-site scripting attacks (XSS attacks) during the use of web server applications.
The vulnerability of the building management software managing access control, security systems, video surveillance, and automation in Andover Continuum System is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the possibility of interference with XML data processing by the application, allows a intruder to gain access to the files in the application server’s file system.
The vulnerability of the building management software management of access control, security systems, video surveillance, and automation Andover Continuum System is related to the possibility of interference with XML data processing by the application. Exploiting this vulnerability can allow a...
The vulnerability of the building management software (management of access control, security systems, video surveillance, and automation) Andover Continuum System, related to the lack of protection for website structures, allows attackers to execute cross-site scripting attacks (XSS attacks) during the use of web server applications.
The vulnerability of the building management software management of access control, security systems, video surveillance, and automation in Andover Continuum System is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious act...
Andover Continuum Cross-Site Scripting Vulnerability (CNVD-2020-19526)
Andover Continuum is a BACnet building management system from Schneider Electric. A cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to conduct a...
Schneider Electric Andover Continuum Cross-Site Scripting Vulnerability
Schneider Electric Andover Continuum is a suite of building automation solutions from the French company Schneider Electric. The product includes features such as heating ventilation and air conditioning and access control. A cross-site scripting vulnerability exists in Schneider Electric Andover...
Andover Continuum Cross-Site Scripting Vulnerability
Andover Continuum is a BACnet building management system from Schneider Electric. A reflected cross-site scripting vulnerability exists in Andover Continuum. The vulnerability stems from improper neutralization of inputs during web page generation. An attacker could exploit this vulnerability to...
Andover Continuum Code Injection Vulnerability
Andover Continuum is a BACnet building management system from Schneider Electric. A code injection vulnerability exists in Andover Continuum. The vulnerability stems from improper control over code generation. An attacker could use this vulnerability to read files on the application server file...
CVE-2020-7481
A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could enable a successful Cross-site Scripting XSS attack when using the products' web server...
CVE-2020-7482
A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could cause a Reflective Cross-site Scripting XSS attack when using the products' web server...
CVE-2020-7480
A CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exists in Andover Continuum All versions, which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data...
Cross site scripting
A CWE-79:Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists Andover Continuum All versions, which could cause a Reflective Cross-site Scripting XSS attack when using the products' web server...