6 matches found
CVE-2019-11370
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pwsnmp.html "System contact" field...
Rittal Chiller SK 3232-Series Improper Access Control Vulnerability
The Rittal Chiller SK 3232-Series is a liquid cooling device from Rittal, Germany. An improper access control vulnerability in the web interface in the Rittal Chiller SK 3232-Series, which arises from an authentication mechanism that is not sufficiently protected to prevent unauthorized...
CVE-2019-11369
An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pwchangeusers.html the device stores cleartext passwords, which may allow sensitive information to be read by someone with access to the device...
Cross site scripting
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pwsnmp.html "System contact" field...
CVE-2019-11370
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pwsnmp.html "System contact" field...
CVE-2019-11369
An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pwchangeusers.html the device stores cleartext passwords, which may allow sensitive information to be read by someone with access to the device...