Malicious code in wdc-automation-framework (npm)

The package wdc-automation-framework was found to contain malicious code...

MAL-2025-38947 Malicious code in wdc-automation-framework (npm)

The package wdc-automation-framework was found to contain malicious code...

Default credentials

A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral WDC versions prior to Version 3.4.0. WDC stores password credentials in plaintext...

Cross site scripting

An issue was discovered in Kabona AB WebDatorCentral WDC application prior to Version 3.4.0. The web server URL inputs are not sanitized correctly, which may allow cross-site scripting vulnerabilities...

CVE-2016-8376

Summary of CVE-2016-8376 : A non-validated redirect/forward (OPEN REDIRECT) vulnerability in Kabona AB WebDatorCentral (WDC) prior to version 3.4.0. The issue allows an attacker to chain with authenticated vulnerabilities, potentially affecting users via crafted URLs that redirect to a malicious ...

CVE-2016-8347

CVE-2016-8347 affects Kabona AB WebDatorCentral (WDC) prior to version 3.4.0. The root cause is improper handling of authentication attempts, allowing unrestricted brute-force attempts against the login API. Reports indicate remote exploitability with no user interaction required, and the impact ...

CVE-2016-8356

CVE-2016-8356 (Kabona AB WebDatorCentral, WDC) affects WebDatorCentral prior to version 3.4.0. The vulnerability is caused by unsanitized web server URL inputs, enabling cross-site scripting (XSS). Exploitation could be performed remotely over the network; the impact includes High confidentiality...

Kabona AB WDC Open Redirect Vulnerability

Kabona AB WDC is a web-based SCADA system from the Swedish company Kabona AB. An open redirection vulnerability exists in Kabona AB WDC versions prior to 3.4.0. An attacker can exploit this vulnerability to redirect users to a malicious page...

Kabona AB WDC Vulnerabilities (Update A)

OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-17-287-07 Kabona AB WDC Vulnerabilities that was published October 13, 2016, on the NCCIC/ICS-CERT web site. Martin Jartelius and John Stock of Outpost 24 have identified vulnerabilities in Kabona AB’s...

wdc-de.custhelp.com XSS vulnerability

Vulnerable URL: http://wdc-de.custhelp.com/app/error/errorid/404/url/%2522%253E%253Cimg%2520src%253D1%2520onerror%253Dprompt%2528'openbugbounty'%2529%253E/session/L3RpbWUvMTQ3MDkxODc1NS9zaWQvZGpQcE5PWG0= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017...

wdc-es.custhelp.com XSS vulnerability

Vulnerable URL: http://wdc-es.custhelp.com/app/error/errorid/404/url/%2522%253E%253Cimg%2520src%253D1%2520onerror%253Dprompt%2528'openbugbounty'%2529%253E/session/L3RpbWUvMTQ3MDkxODc1NS9zaWQvZGpQcE5PWG0= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017...