34 matches found
Nordex NC2 - Cross-Site Scripting
Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. id:...
CVE-2018-25333
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloa...
CVE-2018-25333 Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloa...
EUVD-2018-21857
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloa...
CVE-2018-25333 Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloa...
CVE-2018-25333
CVE-2018-25333 concerns the Nordex N149/4.0-4.5 Wind Turbine Web Server. The vulnerability is an SQL injection in the login flow: attackers can craft POST requests to login.php (no authentication required) to execute arbitrary SQL and potentially bypass login, leaking data. Affected software is N...
CVE-2018-25333
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloa...
Nordex N149/4.0-4.5 Wind Turbine Web Server SQL注入漏洞
The Nordex N149/4.0-4.5 Wind Turbine Web Server is a web server component developed by the German company Nordex, used for remote monitoring and management of the Nordex N149 wind turbine system. The 4.0 version of the Nordex N149/4.0-4.5 Wind Turbine Web Server has a SQL injection vulnerability...
EUVD-2014-5296
Malware in sbrugna...
$10M Is Yours If You Can Get This Guy to Leave Russia
The U.S. government this week put a $10 million bounty on a Russian man who for the past 18 years operated Try2Check, one of the cybercrime undergrounds most trusted services for checking the validity of stolen credit card data. U.S. authorities say 43-year-old Denis Kulkovs card-checking service...
Conti Ransomware Gang Hits German Wind Turbine Giant Nordex
By Deeba Ahmed All of Nordexs internal IT systems were shut down, and remote access to the turbines was disrupted due… This is a post from HackRead.com Read the original post: Conti Ransomware Gang Hits German Wind Turbine Giant Nordex...
Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection Vulnerability
A SQL injection vulnerability exists in Nordex N149/4.0-4.5 Wind Turbine Web Server. An attacker can exploit the vulnerability to obtain sensitive information from the database...
Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
Exploit Title: Nordex N149/4.0-4.5 Wind Turbine Web Server - SQL Injection Date: 21-05-2018 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.nordex-online.com Tested on: Windows Version: N149/4.0-4.5 Wind Turbine Category: webapps --- Proof Of Concept -------- Request POST /php/login.php...
Nordex N149/4.0-4.5 Scada Web Server SQL Injection
Exploit Title: Nordex N149/4.0-4.5 Scada Web Server - SQL Injection Date: 21-05-2018 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.nordex-online.com Tested on: Windows Version: N149/4.0-4.5 Category: webapps --- Proof Of Concept -------- Request POST /php/login.php HTTP/1.1 Cache-Control...
Nordex N149/4.0-4.5 - SQL Injection
Exploit Title: Nordex N149/4.0-4.5 Wind Turbine Web Server - SQL Injection Date: 21-05-2018 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.nordex-online.com Tested on: Windows Version: N149/4.0-4.5 Wind Turbine Category: webapps --- Proof Of Concept -------- Request POST /php/login.php...
Nordex N149/4.0-4.5 - SQL Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: Nordex N149/4.0-4.5 Wind Turbine Web Server - SQL Injection Exploit Author: t4rkd3vilz Vendor Homepage: http://www.nordex-online.com Tested on: Windows Version: N149/4.0-4.5 Wind Turbine Category: webapps --- Proof Of Conce...
Nordex N1494.0-4.5 - SQL Injection
Nordex N1494.0-4.5 - SQL Injection Exploit Title: Nordex N149/4.0-4.5 Wind Turbine Web Server - SQL Injection Date: 21-05-2018 Exploit Author: t4rkd3vilz Vendor Homepage: http://www.nordex-online.com Tested on: Windows Version: N149/4.0-4.5 Wind Turbine Category: webapps --- Proof Of Concept...
Nordex Control 2 (NC2) SCADA 16 Cross Site Scripting
Nordex NC2 XSS Vulnerability AFFECTED PRODUCTS Nordex Control 2 NC2 SCADA V16 and prior versions. Nordex is a company based in Germany that maintains offices in countries around the world. The affected product, Nordex Control 2, is a web-based SCADA system for wind power plants. According to...
Multiple Cross-Site Scripting Vulnerabilities in Nordex NC2
Nordex Control 2 is a web-based SCADA system for wind power stations. Multiple cross-site scripting vulnerabilities exist in the Nordex Control 2 NC2 SCADA 16 and earlier versions, Wind Farm Portal application. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTM...
CVE-2015-6477
Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...