22 matches found
EUVD-2016-0883
Malware in sbrugna...
EUVD-2016-9224
Malware in sbrugna...
EUVD-2016-9204
Malware in sbrugna...
CVE-2016-0872
A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral WDC versions prior to Version 3.4.0. WDC stores password credentials in plaintext...
Default credentials
A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral WDC versions prior to Version 3.4.0. WDC stores password credentials in plaintext...
CVE-2016-0872
A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral WDC versions prior to Version 3.4.0. WDC stores password credentials in plaintext...
CVE-2016-0872
Kabona AB WebDatorCentral (WDC) versions prior to 3.4.0 store password credentials in plaintext due to plaintext storage of a password (CWE-256). CVE-2016-0872 corresponds to this vulnerability, affecting WDC’s authentication data handling. Public documentation from NVD and CNVD/ICS-CERT indicate...
CVE-2016-8376
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. This non-validated redirect/non-validated forward OPEN REDIRECT allows chaining with authenticated vulnerabilities...
CVE-2016-8356
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. The web server URL inputs are not sanitized correctly, which may allow cross-site scripting vulnerabilities...
Design/Logic Flaw
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. WDC does not limit authentication attempts that may allow a brute force attack method...
CVE-2016-8347
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. WDC does not limit authentication attempts that may allow a brute force attack method...
Open redirect
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. This non-validated redirect/non-validated forward OPEN REDIRECT allows chaining with authenticated vulnerabilities...
Cross site scripting
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. The web server URL inputs are not sanitized correctly, which may allow cross-site scripting vulnerabilities...
CVE-2016-8347
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. WDC does not limit authentication attempts that may allow a brute force attack method...
CVE-2016-8356
CVE-2016-8356 (Kabona AB WebDatorCentral, WDC) affects WebDatorCentral prior to version 3.4.0. The vulnerability is caused by unsanitized web server URL inputs, enabling cross-site scripting (XSS). Exploitation could be performed remotely over the network; the impact includes High confidentiality...
CVE-2016-8356
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. The web server URL inputs are not sanitized correctly, which may allow cross-site scripting vulnerabilities...
CVE-2016-8376
An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. This non-validated redirect/non-validated forward OPEN REDIRECT allows chaining with authenticated vulnerabilities...
CVE-2016-8347
CVE-2016-8347 affects Kabona AB WebDatorCentral (WDC) prior to version 3.4.0. The root cause is improper handling of authentication attempts, allowing unrestricted brute-force attempts against the login API. Reports indicate remote exploitability with no user interaction required, and the impact ...
CVE-2016-8376
Summary of CVE-2016-8376 : A non-validated redirect/forward (OPEN REDIRECT) vulnerability in Kabona AB WebDatorCentral (WDC) prior to version 3.4.0. The issue allows an attacker to chain with authenticated vulnerabilities, potentially affecting users via crafted URLs that redirect to a malicious ...
Kabona AB WDC Open Redirect Vulnerability
Kabona AB WDC is a web-based SCADA system from the Swedish company Kabona AB. An open redirection vulnerability exists in Kabona AB WDC versions prior to 3.4.0. An attacker can exploit this vulnerability to redirect users to a malicious page...