18 matches found
EUVD-2015-6410
Malware in sbrugna...
EUVD-2015-6416
Malware in sbrugna...
EUVD-2015-6415
Malware in sbrugna...
shop.ibc-solar.de XSS vulnerability
Open Bug Bounty ID: OBB-656518 Description| Value ---|--- Affected Website:| shop.ibc-solar.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
IBC Solar ServeMaster Source Code Vulnerability
ServeMaster TLP+ and Danfoss TLX Pro+ are web-based SCADA systems. A source code vulnerability exists in IBC Solar ServeMaster. An attacker could exploit this vulnerability to obtain source code for executable scripts...
CVE-2015-6475
Multiple cross-site scripting XSS vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6474
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code...
CVE-2015-6469
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Code injection
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
Code injection
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code...
CVE-2015-6475
Multiple cross-site scripting XSS vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-6474
IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwords by reading HTML source code...
CVE-2015-6469
The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discover script source code via unspecified vectors...
CVE-2015-6475
CVE-2015-6475 involves multiple cross-site scripting (XSS) vulnerabilities in the web-based SCADA products served by IBC Solar: ServeMaster TLP+ and Danfoss TLX Pro+. The public records describe XSS as the underlying issue enabling an attacker to inject arbitrary web script or HTML via unspecifie...
CVE-2015-6469
CVE-2015-6469 affects IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ where an interpreter misconfiguration allows remote disclosure of executable script source code. Affected products are web-based SCADA systems; attacker could obtain source code via unspecified vectors. ICS-CERT reports no patc...
CVE-2015-6474
The CVE-2015-6474 entry concerns IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ where an attacker can discover cleartext passwords by viewing the HTML source of web pages. Affected products are web-based SCADA systems; the root cause is improper handling/storage of credentials leading to exposur...
IBC Solar ServeMaster Source Code Vulnerability
OVERVIEW Independent researcher Maxim Rupp has identified three vulnerabilities in IBC Solar products. The vulnerabilities are disclosure of applications source code, plain text passwords, and cross site scripting. IBC Solar has not produced a patch to mitigate these vulnerabilities. These...