12 matches found
CVE-2025-10439
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Yordam Informatics Yordam Library Automation System allows SQL Injection. This issue affects Yordam Library Automation System: from 21.5 & 21.6 before 21.7...
B&R Industrial Automation B&R APROL Code Issue Vulnerability
B&R Industrial Automation B&R APROL is a process control system from B&R Industrial Automation of Austria. A code issue vulnerability exists in B&R Industrial Automation B&R APROL versions prior to 4.4-00P5, which stems from a server-side request forgery in the APROL Web Portal that could allow a...
Siemens APOGEE/TALON Field Panels Privilege Management Vulnerability
APOGEE PXC Modular and Compact Series Direct Digital Control DDC devices, part of the APOGEE Automation System. TALON TC Modular and Compact Series Direct Digital Control DDC devices, part of the TALON Automation System. Siemens APOGEE/TALON Field Panels contain a privilege management vulnerabili...
CVE-2022-2266 Reflected XSS University Library Automation System
University Library Automation System developed by Yordam Bilgi Teknolojileri before version 19.2 has an unauthenticated Reflected XSS vulnerability. This has been fixed in the version 19.2...
PT-2022-15608 · Unknown · University Library Automation System
Name of the Vulnerable Software and Affected Versions: University Library Automation System versions prior to 19.2 Description: The issue is related to an unauthenticated Reflected XSS vulnerability. This vulnerability has been fixed in version 19.2. Recommendations: For versions prior to 19.2,...
ECOA Building Automation System - Cookie Poisoning Authentication Bypass
Exploit Title: ECOA Building Automation System - Cookie Poisoning Authentication Bypass Date: 25.06.2021 Exploit Author: Neurogenesia Vendor Homepage: http://www.ecoa.com.tw ECOA Building Automation System Cookie Poisoning Authentication Bypass Vendor: ECOA Technologies Corp. Product web page:...
Siemens LOGO! TDE service "DELETEPROG" Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the TDE service functionality of Siemens LOGO! 1.82.02, 12/24RCE Version 0BA and 230RCE Version 0BA. A specially crafted network request can cause erased information resulting in a denial of service. An attacker can send an...
Rockwell Automation CompactLogix System Chassis
Binary data 753538.prm...
Rockwell Automation 1336T Vector 460V/ 570.2A 1336T-B450-GT2EN Smart MCC
Binary data 754335.prm...
Rockwell Automation PowerFlex 700 240V 15.3A Smart MCC
Binary data 754156.prm...
ICS, SCADA Security Woes Linger On
A handful of worrisome vulnerabilities in Honeywell building automation system software disclosed last week are a case in point of how far the industry continues to lag in securing SCADA and industrial control systems. Honeywell published in September new firmware that patches vulnerabilities...
Schneider Electric StruxureWare Building Expert Security Patch
Industrial control manufacturer Schneider Electric has published new firmware for its StruxureWare Building Expert building automation system that patches a remotely exploitable vulnerability. Researcher Artyom Kurbatov discovered that the system transmits user credentials in plaintext between th...