Lucene search
K

9 matches found

CNVD
CNVD
added 2019/09/23 12:0 a.m.3 views

Cross-site scripting vulnerability in multiple Schneider Electric products (CNVD-2019-34798)

Schneider Electric MEG6501-0001-U.motion KNX server and others are a web-based visualization system from Schneider Electric France. The system is mainly used for KNX-based home and building automation. A cross-site scripting vulnerability exists in several Schneider Electric products. An attacker...

5.4CVSS6.4AI score0.00521EPSS
Exploits0References1
NVD
NVD
added 2019/09/17 8:15 p.m.20 views

CVE-2019-6835

A Cross-Site Scripting XSS CWE-79 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to inject...

5.4CVSS5.2AI score0.00521EPSS
Exploits0References1
Prion
Prion
added 2019/09/17 8:15 p.m.20 views

Server side request forgery (ssrf)

A Server-Side Request Forgery SSRF: CWE-918 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could cause server...

6.4CVSS9AI score0.00988EPSS
Exploits0References1Affected Software4
Prion
Prion
added 2019/09/17 8:15 p.m.14 views

Unrestricted file upload

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow a...

6.5CVSS8.5AI score0.01075EPSS
Exploits0References1Affected Software4
Cvelist
Cvelist
added 2019/09/17 7:19 p.m.30 views

CVE-2019-6840

A Format String: CWE-134 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to send a crafted messa...

9.4AI score0.01149EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/09/17 7:15 p.m.13 views

CVE-2019-6837

A Server-Side Request Forgery SSRF: CWE-918 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could cause server...

9.1AI score0.00988EPSS
Exploits0References1
CVE
CVE
added 2019/09/17 7:15 p.m.115 views

CVE-2019-6837

CVE-2019-6837 describes a Server-Side Request Forgery (SSRF) in Schneider Electric’s U.motion Server family (MEG6501-0001 U.motion KNX server; MEG6501-0002 U.motion KNX Server Plus; MEG6260-0410 U.motion KNX Server Plus; Touch 10; MEG6260-0415 Touch 15). The flaw allows an attacker to cause the s...

9.1CVSS9AI score0.00988EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/09/17 7:13 p.m.108 views

CVE-2019-6835

CVE-2019-6835 is a Cross-Site Scripting (XSS, CWE-79) issue affecting Schneider Electric U.motion Server family (e.g., MEG6501-0001/0002, MEG6260-0410/0415, Touch 10/15). The linked documents describe that an attacker could inject client-side script when a user visits a web page served by U.motio...

5.4CVSS5.2AI score0.00521EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/09/17 7:13 p.m.22 views

CVE-2019-6835

A Cross-Site Scripting XSS CWE-79 vulnerability exists in U.motion Server MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15, which could allow an attacker to inject...

5.2AI score0.00521EPSS
Exploits0References1
Rows per page
Query Builder