Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

22 matches found

RedhatCVE
RedhatCVEadded 2026/01/09 12:11 p.m.4 views

CVE-2018-18881

A Denial of Service DOS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory rese...

6.8CVSS6.6AI score0.00421EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/01/09 12:9 p.m.5 views

CVE-2018-18882

A stored cross-site scripting XSS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface...

5.4CVSS5.7AI score0.00303EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2018-10593

Malware in sbrugna...

5.4CVSS5.6AI score0.00303EPSS
Exploits1References3
EUVD
EUVDadded 2025/10/07 12:30 a.m.3 views

EUVD-2018-10592

Malware in sbrugna...

6.8CVSS6.6AI score0.00421EPSS
Exploits0References3
EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2023-58575

Malicious code in bioql PyPI...

7.5CVSS5.8AI score0.00029EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2025/05/23 4:57 a.m.2 views

CVE-2023-6333

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session...

7.5CVSS6.2AI score0.00029EPSS
Exploits0
OSV
OSVadded 2023/12/07 6:15 p.m.1 views

CVE-2023-6333

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session...

5.4CVSS5.9AI score
Exploits0References1
CVE
CVEadded 2023/12/07 6:8 p.m.30 views

CVE-2023-6333

The CVE-2023-6333 issue affects ControlByWeb Relay devices (X-332-24I firmware 1.06; X-301-I firmware 1.15; X-301-24I firmware 1.15). Root cause: improper neutralization of input during web page generation (stored XSS). Impact: an authenticated attacker could inject arbitrary JavaScript into the ...

7.5CVSS5.9AI score0.00029EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichmentadded 2023/12/07 6:8 p.m.1 views

CVE-2023-6333 Cross-site Scripting in ControlByWeb Relays

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session...

7.5CVSS5.3AI score0.00029EPSS
Exploits0References1
Cvelist
Cvelistadded 2023/12/07 6:8 p.m.15 views

CVE-2023-6333 Cross-site Scripting in ControlByWeb Relays

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session...

7.5CVSS7.3AI score0.00029EPSS
Exploits0References1
ICS
ICSadded 2023/12/07 7:0 a.m.16 views

ControlbyWeb Relay

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : ControlByWeb Equipment : X-332 and X-301 Vulnerability : Cross-Site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated attacker to run...

7.5CVSS6.5AI score0.00029EPSS
Exploits0References10
Positive Technologies
Positive Technologiesadded 2023/12/07 12:0 a.m.1 views

PT-2023-32616 · Controlbyweb · Controlbyweb Relay

Name of the Vulnerable Software and Affected Versions: ControlByWeb Relay products affected versions not specified Description: The issue concerns a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface, potential...

7.5CVSS5.3AI score0.00029EPSS
Exploits0References8
NVD
NVDadded 2019/03/21 4:0 p.m.7 views

CVE-2018-18881

A Denial of Service DOS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory rese...

6.8CVSS6.2AI score0.00421EPSS
Exploits0References2
OSV
OSVadded 2019/03/21 4:0 p.m.0 views

CVE-2018-18882

A stored cross-site scripting XSS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface...

5.4CVSS5.8AI score0.00303EPSS
Exploits1References2
NVD
NVDadded 2019/03/21 4:0 p.m.11 views

CVE-2018-18882

A stored cross-site scripting XSS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface...

5.4CVSS5.5AI score0.00303EPSS
Exploits1References2
Prion
Prionadded 2019/03/21 4:0 p.m.18 views

Design/Logic Flaw

A Denial of Service DOS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory rese...

6.8CVSS6.2AI score0.00421EPSS
Exploits0References2Affected Software1
Prion
Prionadded 2019/03/21 4:0 p.m.12 views

Cross site scripting

A stored cross-site scripting XSS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface...

3.5CVSS5.4AI score0.00303EPSS
Exploits1References2Affected Software1
CVE
CVEadded 2019/03/17 9:10 p.m.37 views

CVE-2018-18882

The CVE-2018-18882 issue affects ControlByWeb X-320M-I with firmware v1.05, where a stored XSS vulnerability exists in setup.html. The root cause is improper input handling that allows an authenticated user to inject arbitrary script via the web interface. Impact per connected sources includes po...

5.4CVSS5.2AI score0.00303EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2019/03/17 9:10 p.m.13 views

CVE-2018-18882

A stored cross-site scripting XSS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface...

5.3AI score0.00303EPSS
Exploits1References2
Cvelist
Cvelistadded 2019/03/17 9:9 p.m.12 views

CVE-2018-18881

A Denial of Service DOS issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A physical factory rese...

6.2AI score0.00421EPSS
Exploits0References2
Rows per page
Query Builder