Cross site scripting

A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...

Solar-Log GmbH Cross-Site Scripting Vulnerability

Solar-Log GmbH is a data logger for monitoring photovoltaic PV power plants from the German company Solar-Log. A cross-site scripting vulnerability exists in Solar-Log GmbH firmware version 15 6.0.1 Build 161, which stems from a vulnerability that allows an attacker to elevate its privileges usin...

Information disclosure

Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to 1 docs/new/seditio-createnew-160.sql, 2 docs/upgrade/seditoconverttoutf8.optional.sql, or 3 system/install/install.parser.sql...

CVE-2012-5915

CVE-2012-5915 affects Neocrome Seditio builds 161 and earlier. The vulnerability is an information-disclosure flaw where remote attackers can cause an error message to reveal the installation path by directly requesting any of the following: view.php, plugins/contact/lang/contact.en.lang.php, sys...

CVE-2012-5915

Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to 1 view.php, 2 plugins/contact/lang/contact.en.lang.php, 3 system/lang/en/main.lang.php, 4 system/lang/en/message.lang.php, or 5 system/core/view/view.inc.php, which reveals the...