CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CNVD•added 2015/10/21 12:0 a.m.•1 views

Multiple Cross-Site Scripting Vulnerabilities in Nordex NC2

Nordex Control 2 is a web-based SCADA system for wind power stations. Multiple cross-site scripting vulnerabilities exist in the Nordex Control 2 NC2 SCADA 16 and earlier versions, Wind Farm Portal application. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTM...

4.3CVSS6.2AI score0.12042EPSS

Exploits1References1

Prion•added 2015/10/18 7:59 p.m.•9 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application in Nordex Control 2 NC2 SCADA 16 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.12042EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2015/10/18 7:0 p.m.•3 views

CVE-2015-6477

5.8AI score0.12042EPSS

Exploits1References3

Cvelist•added 2015/10/18 7:0 p.m.•20 views

CVE-2015-6477

5.7AI score0.12042EPSS

Exploits1References3

Positive Technologies•added 2015/10/18 12:0 a.m.•3 views

PT-2015-7264

Name of the Vulnerable Software and Affected Versions Nordex Control 2 NC2 SCADA versions 16 and earlier Description The issue concerns multiple cross-site scripting XSS vulnerabilities in the Wind Farm Portal application. These vulnerabilities allow remote attackers to inject arbitrary web scrip...

6.1CVSS5.4AI score0.12042EPSS

Exploits1References5

ICS•added 2015/07/16 6:0 a.m.•56 views

Nordex NC2 XSS Vulnerability

OVERVIEW Independent researcher Karn Ganeshen has identified a cross-site scripting vulnerability in Nordex’s NC2 Wind Farm Portal application. Nordex has produced an update to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED PRODUCTS The following Nordex NC2...

6.1CVSS6.4AI score0.12042EPSS

Exploits1References10

Prion•added 2014/11/05 11:55 a.m.•13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the login script in the Wind Farm Portal on Nordex Control 2 NC2 SCADA devices 15 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter...

4.3CVSS6.2AI score0.01671EPSS

Exploits0References2Affected Software1

CVE•added 2014/11/05 11:0 a.m.•73 views

CVE-2014-5408

CVE-2014-5408 is a reflected XSS in the Nordex NC2 Wind Farm Portal login script (username parameter) affecting NC2 v15 and earlier. The vulnerability, exploitable remotely, can cause a user’s browser to execute arbitrary script/HTML; OpenVAS notes the potential to read cookies during exploitatio...

7.5CVSS6AI score0.01671EPSS

Exploits0References4Affected Software1

Cvelist•added 2014/11/05 11:0 a.m.•16 views

CVE-2014-5408 Nordex NC2 Cross-site Scripting

7.5CVSS5.8AI score0.01671EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by