30 matches found
CVE-2025-13791
A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely. The exploit is...
EUVD-2025-199934
A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure...
EUVD-2025-25648
Malicious code in bioql PyPI...
EUVD-2025-25338
Malicious code in bioql PyPI...
EUVD-2025-25189
Malicious code in bioql PyPI...
EUVD-2025-25187
Malicious code in bioql PyPI...
EUVD-2025-24024
Malicious code in bioql PyPI...
EUVD-2025-25173
Malicious code in bioql PyPI...
Scada-LTS 代码注入漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which stems from an incorrect manipulation of the parameter Colour in the file /reports.shtm, and could lead to a cross-site...
CVE-2025-10234 Scada-LTS Data Point Edit data_point_edit.shtm cross site scripting
A vulnerability was detected in Scada-LTS up to 2.7.8.1. This vulnerability affects unknown code of the file /datapointedit.shtm of the component Data Point Edit Module. The manipulation of the argument Text Renderer properties results in cross site scripting. The attack can be launched remotely...
CVE-2025-9404 Scada-LTS Folder pointHierarchySLTS cross site scripting
A vulnerability was identified in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file /pointHierarchySLTS of the component Folder Handler. The manipulation of the argument Title leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...
CVE-2025-9404
CVE-2025-9404 concerns Scada-LTS versions up to 2.7.8.1. The vulnerability is a stored/remote cross-site scripting flaw in an unknown function within the /pointHierarchySLTS file of the Folder Handler component. The attack is triggered by manipulating the Title argument, and the exploit is public...
CVE-2025-9388 Scada-LTS watch_list.shtm cross site scripting
A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watchlist.shtm. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be...
Scada-LTS 安全漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A security vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which originates from cross-site scripting and could lead to remote attacks...
CVE-2025-9139
A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Executing manipulation can lead to information disclosure. The attack may be performed from a remote location. The explo...
CVE-2025-9234 Scada-LTS maintenance_events.shtm cross site scripting
A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenanceevents.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...
CVE-2025-9234
The CVE-2025-9234 issue affects Scada-LTS prior to 2.7.8.2. The vulnerability is a cross-site scripting (XSS) flaw arising from improper handling of the Alias parameter in maintenance_events.shtm, allowing remote attacker-controlled input to be executed in users’ browsers. Multiple sources confir...
CVE-2025-9233 Scada-LTS view_edit.shtm cross site scripting
A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file viewedit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...
CVE-2025-9233 Scada-LTS view_edit.shtm cross site scripting
A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file viewedit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...
Scada-LTS 安全漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A security vulnerability exists in Scada-LTS version 2.7.8.1 and earlier, which stems from an incorrect manipulation of the parameter Alias in the file maintenanceevents.shtm, resulting in a cross-site...