7 matches found
EUVD-2012-1996
Malware in sbrugna...
CVE-2012-1990
Multiple cross-site scripting XSS vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the evtvariablename parameter in an evts.xml action to kw.dll, 2 unspecified search fields, or 3 unspecified...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the evtvariablename parameter in an evts.xml action to kw.dll, 2 unspecified search fields, or 3 unspecified...
CVE-2012-1990
Multiple cross-site scripting XSS vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via 1 the evtvariablename parameter in an evts.xml action to kw.dll, 2 unspecified search fields, or 3 unspecified...
CVE-2012-1990
CVE-2012-1990 describes multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb (before 3.0.1) and Kerwin (before 6.0.1). The issues allow remote attackers to inject arbitrary web script or HTML via (1) the evtvariablename parameter in an evts.xml action to kw.dll, (2) un...
Schneider Electric Telecontrol Kerweb 3.0.0/6.0.0 - 'kw.dll' HTML Injection
source: https://www.securityfocus.com/bid/53409/info Multiple Schneider Electric Telecontrol products are prone to an HTML-injection vulnerability because they fail to sufficiently sanitize user-supplied data before it is used in dynamic content. Attacker-supplied HTML or JavaScript code could ru...
Kerweb / Kerwin Cross Site Scripting
Kerweb/Kerwin XSS vulnerabilities Severity: Moderate Vendor: Schneider Electrics Versions Affected: Kerweb...