3 matches found
CVE-2022-31591
SAP BusinessObjects BW Publisher Service - versions 420, 430, uses a search path that contains an unquoted element. A local attacker can gain elevated privileges by inserting an executable file in the path of the affected service...
CVE-2017-14019
An Unquoted Search Path or Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An unquoted search path or element vulnerability has been identified, which may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate his or her...
Progea Movicon SCADA/HMI
CVSS v3 6.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Progea Equipment: Movicon SCADA/HMI Vulnerability: Uncontrolled Search Path Element, Unquoted Search Path or Element AFFECTED PRODUCTS The following versions of Movicon HMI, an HMI software platform, are affected:...