📄 MySCADA MyPRO Manager 1.2 PHP Code Injection

MySCADA MyPRO Manager version 1.2 suffers from a code injection vulnerability. ============================================================================================================================================= | Title : MySCADA MyPRO Manager 1.2 PHP Code Injection Vulnerability | |...

📄 MyPRO Manager 1.2 Command Injection

MyPRO Manager versions 1.2 and below suffer from an unauthenticated command injection vulnerability. ============================================================================================================================================= | Title : MyPRO Manager 1.2 php code injection | |...

CVE-2025-23411

mySCADA myPRO Manager is vulnerable to cross-site request forgery CSRF, which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website...

EUVD-2025-3164

Malicious code in bioql PyPI...

EUVD-2025-4009

Malicious code in bioql PyPI...

EUVD-2024-45983

Malicious code in bioql PyPI...

mySCADA myPRO Manager Credential Harvester (CVE-2025-24865 and CVE-2025-22896)

Credential Harvester in MyPRO Manager use auxiliary/admin/scada/mypromgrcreds msf auxiliarymypromgrcreds show actions ...actions... msf auxiliarymypromgrcreds set ACTION msf auxiliarymypromgrcreds show options ...show and set options... msf auxiliarymypromgrcreds run class MetasploitModule 'mySCA...

CVE-2025-25067

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands...

CVE-2025-22896

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information...

CVE-2025-24865

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password...

CVE-2025-25067

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands...

CVE-2025-24865

The administrative web interface of mySCADA myPRO Manager can be accessed without authentication which could allow an unauthorized attacker to retrieve sensitive information and upload files without the associated password...

CVE-2025-25067

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands...

CVE-2025-23411

mySCADA myPRO Manager is vulnerable to cross-site request forgery CSRF, which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website...

CVE-2025-22896

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information...

CVE-2025-22896

mySCADA myPRO Manager stores credentials in cleartext, which could allow an attacker to obtain sensitive information...

CVE-2025-25067 mySCADA myPRO Manager OS Command Injection

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands...

CVE-2025-25067

CVE-2025-25067 affects mySCADA myPRO Manager (HMI/SCADA). An OS command injection vulnerability originates from improper input validation, enabling a remote attacker to execute arbitrary OS commands over the network. CISA/ICS guidance notes the administrative web interface can be accessed without...

CVE-2025-25067 mySCADA myPRO Manager OS Command Injection

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote attacker to execute arbitrary OS commands...

CVE-2025-23411 mySCADA myPRO Manager Cross-Site Request Forgery

mySCADA myPRO Manager is vulnerable to cross-site request forgery CSRF, which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an attacker-controlled website...