102 matches found
CVE-2023-29154
SQL injection vulnerability exists in the CONPROSYS HMI System CHS versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page...
EUVD-2023-26502
Malicious code in bioql PyPI...
EUVD-2023-26536
Malicious code in bioql PyPI...
EUVD-2023-32456
Malicious code in bioql PyPI...
EUVD-2025-19656
Malicious code in bioql PyPI...
EUVD-2023-26487
Malicious code in bioql PyPI...
EUVD-2025-19659
Malicious code in bioql PyPI...
EUVD-2023-32351
Malicious code in bioql PyPI...
EUVD-2023-32095
Malicious code in bioql PyPI...
EUVD-2023-32318
Malicious code in bioql PyPI...
CVE-2025-34081
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)
Overview CONPROSYS HMI System CHS provided by Contec Co.,Ltd. contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2025-34080 Insertion of sensitive information into debugging code CWE-215 - CVE-2025-34081 Alex Williams of Converge Technology Solutions...
CVE-2025-34081
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34080
The Contec Co.,Ltd. CONPROSYS HMI System CHS is vulnerable to Cross-Site Scripting XSS in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34081 CONPROSYS HMI System (CHS) < 3.7.7 Exposed PHP Debug Info
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34081 CONPROSYS HMI System (CHS) < 3.7.7 Exposed PHP Debug Info
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34081
The CVE-2025-34081 affects Contec CONPROSYS HMI System (CHS) prior to version 3.7.7. The issue is the exposure of a PHP phpinfo() debugging page to unauthenticated users, which may disclose sensitive runtime information useful to an attacker. Public sources in the connected documents confirm the ...
CVE-2025-34080
CVE-2025-34080 affects Contec Co.,Ltd. CONPROSYS HMI System (CHS) versions before 3.7.7. The issue is a reflected Cross-Site Scripting (XSS) in the getqsetting.php functionality, enabling execution of browser scripts on interaction. The vulnerability’s impact is browser-side script execution for ...
CVE-2025-34080 CONPROSYS HMI System (CHS) < 3.7.7 Reflected Cross-Site Scripting
The Contec Co.,Ltd. CONPROSYS HMI System CHS is vulnerable to Cross-Site Scripting XSS in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34080 CONPROSYS HMI System (CHS) < 3.7.7 Reflected Cross-Site Scripting
The Contec Co.,Ltd. CONPROSYS HMI System CHS is vulnerable to Cross-Site Scripting XSS in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System CHS: before 3.7.7...