CVE-2023-47261

Dokmee ECM 7.4.6 allows remote code execution because the response to a GettingStarted/SaveSQLConnectionAsync //gettingstarted request contains a connection string for privileged SQL Server database access, and xpcmdshell can be enabled...

PT-2016-2997 · Siemens · Sicam Pas

Name of the Vulnerable Software and Affected Versions: Siemens SICAM PAS versions prior to 8.00 Description: The issue is related to a factory account with hard-coded passwords in SICAM PAS installations. This could allow attackers to gain privileged access to the database over Port 2638/TCP. The...

Siemens SICAM PAS Information Disclosure Vulnerability

SICAM PAS is an energy automation solution for the operation of substation equipment. It has open communication interfaces for power system control and control of industrial power supply equipment. An information disclosure vulnerability exists in Siemens SICAM PAS. An attacker with privileged...

CVE-2000-1235

The default configurations of 1 the port listener and 2 modplsql in Oracle Internet Application Server IAS 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor DAD files...