EUVD-2018-10695

Malware in sbrugna...

CVE-2023-3329

CVE-2023-3329 affects SpiderControl SCADA Webserver versions 2.08 and prior. The vulnerability is a path traversal (CWE-22) flaw in the HMI file upload feature, allowing an attacker with administrative privileges to overwrite files on the webserver, potentially creating size-zero files anywhere a...

iniNet SpiderControl SCADA WebServer Cross-Site Scripting Vulnerability

The iniNet SpiderControl SCADA WebServer is a SCADA system server from iniNet Solutions, Switzerland. A cross-site scripting vulnerability exists in iniNet SpiderControl SCADA WebServer versions prior to 2.03.0001. A remote attacker can exploit this vulnerability by sending a specially crafted UR...

CVE-2018-18991

Reflected cross-site scripting non-persistent in SCADA WebServer Versions prior to 2.03.0001 could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser...

Cross site scripting

Reflected cross-site scripting non-persistent in SCADA WebServer Versions prior to 2.03.0001 could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser...

CVE-2018-18991

SpiderControl SCADA WebServer (versions prior to 2.03.0001) is affected by CVE-2018-18991: a reflected cross-site scripting (non-persistent) flaw caused by improper input neutralization during web page generation. An attacker can craft a URL to execute JavaScript in a victim’s browser. Mitigation...

CVE-2018-18991

Reflected cross-site scripting non-persistent in SCADA WebServer Versions prior to 2.03.0001 could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser...

SpiderControl SCADA WebServer

1. EXECUTIVE SUMMARY CVSS v3 6.1 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: SpiderControl Equipment: SCADA WebServer Vulnerability: Reflected Cross-site Scripting 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute JavaScript...

iniNet Solutions GmbH SCADA Webserver

CVSS v3 10.0 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: iniNet Solutions GmbH Equipment: SCADA Webserver Vulnerability: Improper Authentication AFFECTED PRODUCTS The following versions of iniNet Solutions GmbH’s SCADA Webserver, a third-party web-based server software, ar...