35 matches found
CVE-2024-2882
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...
EUVD-2020-17550
Malware in sbrugna...
EUVD-2020-17551
Malware in sbrugna...
CVE-2020-24842
PNPSCADA 2.200816204020 allows cross-site scripting XSS, which can execute arbitrary JavaScript in the victim's browser...
CVE-2024-2882
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...
CVE-2024-2882
CVE-2024-2882 affects SDG Technologies PnPSCADA (web-based SCADA HMI). Connected sources (CISA ICS advisory ICSA-24-179-02, Red Hat CVE page, NVD/NIST entries) confirm a missing authorization flaw (CWE-862) that allows a remote attacker to attach various entities without authenticating, potential...
CVE-2024-2882 Missing Authorization in SDG Technologies PnPSCADA
SDG Technologies PnPSCADA allows a remote attacker to attach various entities without requiring system authentication. This breach could potentially lead to unauthorized control, data manipulation, and access to sensitive information within the SCADA system...
SDG Technologies PnPSCADA
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : SDG Technologies Equipment : PnPSCADA Vulnerability : Missing Authorization 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to attach various...
PnPSCADA 2.x SQL Injection
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Date: 15/5/2023 Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
PnPSCADA v2.x - Unauthenticated PostgreSQL Injection
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Date: 15/5/2023 Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Vulnerability
Exploit Title: PnPSCADA v2.x - Unauthenticated PostgreSQL Injection Exploit Author: Momen Eldawakhly Cyber Guy at Samurai Digital Security Ltd Vendor Homepage: https://pnpscada.com/ Version: PnPSCADA cross platforms: v2.x Tested on: Unix CVE : CVE-2023-1934 Proof-of-Concept:...
SDG PnPSCADA
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: SDG Technologies Equipment: PnPSCADA Vulnerabilities: SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to interact with the database and retrieve...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
Code injection
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and...
CVE-2023-1934
CVE-2023-1934 concerns SDG Technologies SDG PnPSCADA. The vulnerability is an unauthenticated, error-based PostgreSQL injection affecting the hitlogcsv.jsp endpoint, allowing remote attackers to read/modify data in the underlying database. Reported impact includes access to ICS/OT data and other ...
SDG Technologies PnPSCADA SQL注入漏洞
SDG Technologies PnPSCADA is an automated meter reading solution from SDG Technologies. SDG Technologies PnPSCADA suffers from a SQL injection vulnerability. An attacker exploiting this vulnerability could interact with the underlying database...
PT-2023-3021 · Postgresql · Postgresql
Name of the Vulnerable Software and Affected Versions: PnPSCADA affected versions not specified Description: The PnPSCADA system is affected by a critical unauthenticated error-based PostgreSQL Injection vulnerability. This security flaw is present within the "hitlogcsv.jsp" endpoint, allowing...