2 matches found
CVE-2014-6616
Cross-site scripting XSS vulnerability in Softing FG-100 PROFIBUS Single Channel FG-100-PB with firmware FG-x00-PBV2.02.0.00 allows remote attackers to inject arbitrary web script or HTML via the DEVICENAME parameter to cgi-bin/CFGhttp/...
CVE-2014-6616
CVE-2014-6616 is an XSS flaw in Softing FG-100 PROFIBUS Single Channel (FG-100-PB) firmware FG-x00-PB_V2.02.0.00. The web GUI fails to properly encode user data, allowing an attacker to inject arbitrary script via the DEVICE_NAME parameter to /cgi-bin/CFGhttp. Impact: remote script execution with...