📄 PKP-WAL 3.5.0-1 baseColour LESS Code Injection

PKP-WAL versions 3.5.0-1 and below suffer from a LESS baseColour related code injection vulnerability. ----------------------------------------------------------------- PKP-WAL = 3.5.0-1 baseColour LESS Code Injection Vulnerability -----------------------------------------------------------------...

CVE-2025-10235

A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...

CVE-2025-10235 Scada-LTS Reports reports.shtm cross site scripting

A flaw has been found in Scada-LTS up to 2.7.8.1. This issue affects some unknown processing of the file /reports.shtm of the component Reports Module. This manipulation of the argument Colour causes cross site scripting. The attack may be initiated remotely. The exploit has been published and ma...

CVE-2025-10235

CVE-2025-10235 affects Scada-LTS up to 2.7.8.1 in the Reports Module, via manipulation of the Colour argument in /reports.shtm that enables cross-site scripting. The attack can be initiated remotely and an exploit has been published. Remediation per sources: upgrade to Scada-LTS 2.7.8.2 or later;...

Scada-LTS 代码注入漏洞

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which stems from an incorrect manipulation of the parameter Colour in the file /reports.shtm, and could lead to a cross-site...

PT-2025-37107

Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A flaw exists in Scada-LTS’s Reports Module due to cross-site scripting. The issue stems from unknown processing of the file /reports.shtm and manipulation of the Colour argument. This...