177 matches found
CVE-2023-22339
Improper access control vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product...
CVE-2023-22334
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack...
CVE-2023-22373
Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...
CVE-2023-22339
Improper access control vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product...
CVE-2023-22334
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack...
CVE-2023-22373
Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...
CVE-2023-22331
Use of default credentials vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information...
CVE-2023-22331
Use of default credentials vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information...
Cross site scripting
Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...
Default credentials
Use of default credentials vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information...
Improper access control
Improper access control vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to bypass access restriction and obtain the server certificate including the private key of the product...
CVE-2023-22331
Use of default credentials vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information...
CVE-2023-22334
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack...
CVE-2023-22331
Use of default credentials vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote unauthenticated attacker to alter user credentials information...
CVE-2023-22334
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to obtain user credentials information via a man-in-the-middle attack...
PT-2023-18467 · Unknown · Conprosys Hmi System
Name of the Vulnerable Software and Affected Versions: CONPROSYS HMI System CHS versions 3.4.5 and earlier Description: A cross-site scripting issue allows a remote authenticated attacker to inject an arbitrary script and obtain sensitive information. Recommendations: For CONPROSYS HMI System CHS...
CVE-2023-22373
Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...
CVE-2023-22373
Cross-site scripting vulnerability in CONPROSYS HMI System CHS Ver.3.4.5 and earlier allows a remote authenticated attacker to inject an arbitrary script and obtain the sensitive information...
CVE-2023-22373
CVE-2023-22373 affects CONPROSYS HMI System (CHS) up to version 3.4.5. The vulnerability is a Cross-site Scripting (CWE-79) in the web interface used by the administrative user, allowing a remote authenticated attacker to inject arbitrary scripts and potentially obtain sensitive information. Vend...
PT-2023-18435 · Unknown · Conprosys Hmi System
Name of the Vulnerable Software and Affected Versions: CONPROSYS HMI System CHS versions 3.4.5 and earlier Description: The issue allows a remote unauthenticated attacker to alter user credentials information due to the use of default credentials. Recommendations: For CONPROSYS HMI System CHS...