OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability

OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via viewedit.shtm...

EUVD-2025-25338

Malicious code in bioql PyPI...

EUVD-2025-25189

Malicious code in bioql PyPI...

CVE-2025-9233 Scada-LTS view_edit.shtm cross site scripting

A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file viewedit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

CVE-2025-9233 Scada-LTS view_edit.shtm cross site scripting

A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file viewedit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

CVE-2025-9233

CVE-2025-9233 affects Scada-LTS up to version 2.7.8.1. The vulnerability is a stored/ reflected cross-site scripting flaw in the view_edit.shtm file, triggered by manipulating the Name parameter in an unspecified function. Remote exploitation is possible, and public PoCs/exploit details have circ...

PT-2025-34077 · Scada-Lts · Scada-Lts

Name of the Vulnerable Software and Affected Versions: Scada-LTS versions through 2.7.8.1 Description: A security vulnerability has been detected in Scada-LTS. The manipulation of the argument Name in an unknown function of the file view edit.shtm leads to cross site scripting. Remote exploitatio...

CVE-2025-9145 Scada-LTS SVG File view_edit.shtm cross site scripting

A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file viewedit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The...

CVE-2025-9145 Scada-LTS SVG File view_edit.shtm cross site scripting

A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file viewedit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched remotely. The...

PT-2021-3504

Name of the Vulnerable Software and Affected Versions OpenPLC ScadaBR versions through 0.9.1 on Linux OpenPLC ScadaBR versions through 1.12.4 on Windows Description The ScadaBR system, designed for data collection and process automation control, is affected by multiple issues. One issue involves...