Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

CVE
CVEadded 2017/02/13 9:0 p.m.42 views

CVE-2017-5141

The CVE-2017-5141 issue affects Honeywell XL Web II controllers: XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. The vulnerability allows an attacker to establish a new user session without invalidating an existing session identifier, enabling session fixation and...

6.5CVSS6.5AI score0.00453EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2017/02/13 9:0 p.m.14 views

CVE-2017-5140

An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior, and XLWeb 500 XLWebExe-1-02-08 and prior. Password is stored in clear text...

9.5AI score0.00419EPSS
Exploits0References2
NVD
NVDadded 2014/07/24 2:55 p.m.9 views

CVE-2014-2717

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page...

7.6CVSS7AI score0.0042EPSS
Exploits1References1
NVD
NVDadded 2014/07/24 2:55 p.m.16 views

CVE-2014-3110

Multiple cross-site scripting XSS vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input...

4.3CVSS5.8AI score0.02428EPSS
Exploits4References3
Prion
Prionadded 2014/07/24 2:55 p.m.12 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input...

4.3CVSS6.1AI score0.02428EPSS
Exploits4References3Affected Software2
Cvelist
Cvelistadded 2014/07/24 2:0 p.m.18 views

CVE-2014-3110

Multiple cross-site scripting XSS vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input...

5.8AI score0.02428EPSS
Exploits4References3
Cvelist
Cvelistadded 2014/07/24 2:0 p.m.17 views

CVE-2014-2717

Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to bypass authentication and obtain administrative access by visiting the change-password page...

7AI score0.0042EPSS
Exploits1References1
CVE
CVEadded 2014/07/24 2:0 p.m.66 views

CVE-2014-3110

CVE-2014-3110 affects Honeywell FALCON XLWeb controllers: Linux XLWeb (2.04.01 or earlier) and XLWebExe (2.02.11 or earlier). The vulnerability is multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary HTML/JS via invalid input in the web interface. Th...

4.3CVSS5.8AI score0.02428EPSS
Exploits4References3Affected Software2
CVE
CVEadded 2014/07/24 2:0 p.m.48 views

CVE-2014-2717

CVE-2014-2717 affects Honeywell FALCON XLWeb controllers (Linux: 2.04.01 and earlier; XLWebExe: 2.02.11 and earlier). The vulnerability allows remote attackers to bypass authentication and obtain administrative access by visiting the change-password page. NVD lists a CVSS v2 base score of 7.6 (AV...

7.6CVSS7.2AI score0.0042EPSS
Exploits1References1Affected Software2
Rows per page
Query Builder