12 matches found
EUVD-2016-1072
Malware in sbrugna...
EUVD-2025-30930
Malicious code in bioql PyPI...
CVE-2025-58069
The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session...
CVE-2025-55038
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...
CVE-2025-55038 AutomationDirect CLICK PLUS Missing Authorization
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variabl...
CVE-2025-58069
The CVE pertains to AutomationDirect CLICK PLUS firmware 3.60, where a hard-coded AES key is used to protect the initial messages of a new KOPS session. Root cause: hard-coded cryptographic key stored in the firmware. Impact: potential exposure of the cryptographic key and associated initial comm...
CVE-2025-54855 AutomationDirect CLICK PLUS Cleartext Storage of Sensitive Information
Cleartext storage of sensitive information was discovered in Click Programming Software version v3.60. The vulnerability can be exploited by a local user with access to the file system, while an administrator session is active, to steal credentials stored in clear text...
AutomationDirect CLICK PLUS Encryption Issue Vulnerability
AutomationDirect CLICK PLUS is a small programmable logic controller from AutomationDirect, Inc. An encryption issue vulnerability exists in AutomationDirect CLICK PLUS version 3.60, which stems from the use of an insecure RSA encryption algorithm implementation...
AutomationDirect CLICK PLUS Security Vulnerability
AutomationDirect CLICK PLUS is a small programmable logic controller from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect CLICK PLUS version 3.60, which stems from the use of predictable seeds in the pseudo-random number generator, which could lead to compromised securi...
AutomationDirect CLICK PLUS Security Vulnerability
The AutomationDirect CLICK PLUS is a small programmable logic controller from AutomationDirect, Inc. A security vulnerability exists in AutomationDirect CLICK PLUS version 3.60, which stems from improper authorization of the KOPR protocol, and could result in a low-privileged user overstepping...
CVE-2016-1000128
Reflected XSS in WordPress plugin anti-plagiarism v3.60...
SQL injection
Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authenticated users to execute arbitrary SQL commands via the (2) bldomain, (3) wldomain, or (4) temid paramete...