Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2014-2418

Malware in sbrugna...

2.1CVSS6.4AI score0.00145EPSS
Exploits0References2
NVD
NVD
added 2014/08/28 1:55 a.m.21 views

CVE-2014-2381

Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file...

2.1CVSS5.7AI score0.00145EPSS
Exploits0References3
NVD
NVD
added 2014/08/28 1:55 a.m.13 views

CVE-2014-5398

Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue...

2.1CVSS6.8AI score0.00565EPSS
Exploits0References3
NVD
NVD
added 2014/08/28 1:55 a.m.14 views

CVE-2014-5397

Cross-site scripting XSS vulnerability in Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

7.5CVSS5.7AI score0.01512EPSS
Exploits0References4
Prion
Prion
added 2014/08/28 1:55 a.m.13 views

Sql injection

SQL injection vulnerability in Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

7.5CVSS9AI score0.01587EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/08/28 1:55 a.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.1AI score0.01512EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2014/08/28 1:0 a.m.41 views

CVE-2014-2380

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1–5.5 is affected by Inadequate Encryption Strength (CWE-326). The vulnerability arises from weak encryption of credential data, enabling remote attackers to read a credential file and obtain sensitive information. Some sources a...

7.8CVSS6.3AI score0.00752EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2014/08/28 1:0 a.m.43 views

CVE-2014-5399

CVE-2014-5399 corresponds to SQL injection vulnerabilities in Schneider Electric Wonderware Information Server (WIS) Portal. Connected PT-2014-21 confirms multiple SQL injection flaws affecting WIS, with the vendor releasing updates to mitigate these issues. Affected products include Wonderware I...

7.5CVSS8.6AI score0.01587EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2014/08/28 1:0 a.m.19 views

CVE-2014-5397 Schneider Electric Wonderware Cross-site Scripting

Cross-site scripting XSS vulnerability in Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

7.5CVSS5.6AI score0.01512EPSS
Exploits0References2
Cvelist
Cvelist
added 2014/08/28 1:0 a.m.27 views

CVE-2014-2381 Schneider Electric Wonderware Inadequate Encryption Strength

Schneider Electric Wonderware Information Server WIS Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file...

2.1CVSS5.7AI score0.00145EPSS
Exploits0References2
CVE
CVE
added 2014/08/28 1:0 a.m.45 views

CVE-2014-5397

CVE-2014-5397 concerns multiple Cross-Site Scripting (XSS) vulnerabilities in Schneider Electric Wonderware Information Server (WIS) Portal. Affected: WIS Portal versions 4.0 SP1 through 5.5. Root cause: improper input handling/encoding in the web portal frontend, allowing arbitrary web script or...

7.5CVSS5.8AI score0.01512EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder