Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Tenable Nessus
Tenable Nessusadded 2022/02/07 12:0 a.m.21 views

Schneider Electric PowerLogic PM5560 Improper Neutralization of Input During Web Page Generation (CVE-2018-7795)

A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code. Th...

6.1CVSS5.7AI score0.00311EPSS
Exploits0References4
Tenable Nessus
Tenable Nessusadded 2019/05/08 12:0 a.m.11 views

Schneider Electric PowerLogic PM5560 < 2.5.4 Cross Protocol Injection

Binary data 720172.prm...

6.1CVSS7.3AI score0.00311EPSS
Exploits0References2
OSV
OSVadded 2018/08/29 8:29 p.m.2 views

CVE-2018-7795

A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code...

6.1CVSS5.3AI score0.00311EPSS
Exploits0References3
CVE
CVEadded 2018/08/29 8:0 p.m.57 views

CVE-2018-7795

The CVE-2018-7795 entry corresponds to Schneider Electric PowerLogic PM5560 (all versions prior to firmware 2.5.4) with an vulnerability described as Improper Neutralization of Input During Web Page Generation (Cross-Site Scripting). The root cause is input handling in the web interface that allo...

6.1CVSS6.3AI score0.00311EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2018/08/29 8:0 p.m.2 views

CVE-2018-7795

A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code...

5.8AI score0.00311EPSS
Exploits0References3
Cvelist
Cvelistadded 2018/08/29 8:0 p.m.17 views

CVE-2018-7795

A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic PM5560 prior to FW version 2.5.4 product. The vulnerability makes the product susceptible to cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of java script code...

6.3AI score0.00311EPSS
Exploits0References3
ThreatPost
ThreatPostadded 2018/08/29 5:55 p.m.24 views

High-Severity Flaws Patched in Schneider Electric Products

Schneider Electric has released fixes for a slew of vulnerabilities that can be exploited remotely in two of its industrial control system products. The two flaws, which exist in Schneider Electric’s power management system, PowerLogic PM5560, and its programmable logic controller, Modicon M221,...

7.5CVSS2.2AI score0.01531EPSS
Exploits0References4
ICS
ICSadded 2018/08/28 12:0 a.m.178 views

Schneider Electric PowerLogic PM5560

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: PowerLogic PM5560 Vulnerability: Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow user input to be manipulated,...

6.1CVSS6.7AI score0.00311EPSS
Exploits0References5
Rows per page
Query Builder