121 matches found
CVE-2024-55025
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
CVE-2024-55025
CVE-2024-55025 concerns an access control flaw in the VNC component of Weintek cMT-3072XH2 easyweb, affecting version 2.1.53 on OS 20231011 . The issue permits unauthorized attackers to access the HMI system , per multiple sources. The root cause is described as an incorrect access control mechan...
CVE-2024-55025
Incorrect access control in the VNC component of Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 allows unauthorized attackers to access the HMI system...
CVE-2023-29154
SQL injection vulnerability exists in the CONPROSYS HMI System CHS versions prior to 3.5.3. A user who can access the affected product with an administrative privilege may execute an arbitrary SQL command via specially crafted input to the query setting page...
EUVD-2023-32456
Malicious code in bioql PyPI...
EUVD-2023-26502
Malicious code in bioql PyPI...
EUVD-2023-26536
Malicious code in bioql PyPI...
EUVD-2025-19656
Malicious code in bioql PyPI...
EUVD-2023-26487
Malicious code in bioql PyPI...
EUVD-2025-19659
Malicious code in bioql PyPI...
EUVD-2023-32351
Malicious code in bioql PyPI...
EUVD-2023-32095
Malicious code in bioql PyPI...
EUVD-2023-32318
Malicious code in bioql PyPI...
CVE-2025-34080
The Contec Co.,Ltd. CONPROSYS HMI System CHS is vulnerable to Cross-Site Scripting XSS in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34081
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
Multiple vulnerabilities in Contec CONPROSYS HMI System (CHS)
Overview CONPROSYS HMI System CHS provided by Contec Co.,Ltd. contains multiple vulnerabilities listed below. Reflected cross-site scripting CWE-79 - CVE-2025-34080 Insertion of sensitive information into debugging code CWE-215 - CVE-2025-34081 Alex Williams of Converge Technology Solutions...
CVE-2025-34081
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34080
The Contec Co.,Ltd. CONPROSYS HMI System CHS is vulnerable to Cross-Site Scripting XSS in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34081 CONPROSYS HMI System (CHS) < 3.7.7 Exposed PHP Debug Info
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...
CVE-2025-34081 CONPROSYS HMI System (CHS) < 3.7.7 Exposed PHP Debug Info
The Contec Co.,Ltd. CONPROSYS HMI System CHS exposes a PHP phpinfo debug page to unauthenticated users that may contain sensitive data useful for an attacker.This issue affects CONPROSYS HMI System CHS: before 3.7.7...