103 matches found
EUVD-2012-0269
Malware in sbrugna...
EUVD-2011-4452
Malware in sbrugna...
EUVD-2012-0279
Malware in sbrugna...
EUVD-2012-1260
Malware in sbrugna...
EUVD-2011-4448
Malware in sbrugna...
EUVD-2011-4450
Malware in sbrugna...
EUVD-2011-4451
Malware in sbrugna...
EUVD-2011-4449
Malware in sbrugna...
BroadWin WebAccess Version Detection
Detection of BroadWin WebAccess. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective righ...
CVE-2014-0985
Advantech WebAccess 7.2 contains multiple stack-based buffer overflow vulnerabilities (CVE-2014-0985 through CVE-2014-0992) in ActiveX/ parsing code (notably NodeName, GotoCmd, NodeName2, AccessCode, AccessCode2, UserName, projectname, and password parameters). According to Core Security CORE-201...
BroadWin WebAccess Client Multiple Vulnerabilities
No description provided by source. Application: BroadWin WebAccess Client http://broadwin.com/Client.htm Versions: bwocxrun.ocx = 1.0.0.10 aka version 7.0 Platforms: Windows Bugs: A format string B arbitrary memory corruption Exploitation: remote Date: 02 Sep 2011 Author: Luigi Auriemma e-mail:...
BroadWin WebAccess SCADA/HMI Client Remote Code Execution
No description provided by source. html bBroadWin WebAccess SCADA/HMI Remote Code Execution Vulnerability 0day/bbrbr WebAccess is the first fully web browser-based software package forbr human-machine interfaces HMI, and supervisory control and databr acquisition SCADA. bwocxrun.ocx ActiveX...
CVE-2013-2299
CVE-2013-2299 affects Advantech WebAccess (formerly BroadWin WebAccess) prior to version 7.1 (2013-05-30). The vulnerability is a Cross-site Scripting (XSS) flaw that allows remote authenticated users to inject arbitrary HTML/script via unspecified vectors. NVD lists CVSSv2: base score 3.5 (low) ...
CVE-2012-0235
Cross-site request forgery CSRF vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2012-0237
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to 1 enable date and time syncing or 2 disable date and time syncing via a crafted URL...
CVE-2012-0242
Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string...
CVE-2012-0239
uaddUpAdmin.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to modify an administrative password via a password-change request...
CVE-2012-1234
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0234...
CVE-2012-0236
Advantech/BroadWin WebAccess 7.0 and earlier allows remote attackers to obtain sensitive information via a direct request to a URL. NOTE: the vendor reportedly "does not consider it to be a security risk."...
CVE-2012-0241
Advantech/BroadWin WebAccess before 7.0 allows remote attackers to cause a denial of service memory corruption via a modified stream identifier to a function...