Lucene search

Openplcproject Security Vulnerabilities

cve

CVE-2021-31630

Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the...

8.8CVSS

9.1AI Score

0.006EPSS

2021-08-03 03:15 PM

cve

CVE-2021-3351

OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device...

5.4CVSS

5.2AI Score

0.001EPSS

2021-08-02 06:15 AM

cve

CVE-2021-26829

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via...

5.4CVSS

5.2AI Score

0.001EPSS

2021-06-11 12:15 PM

cve

CVE-2021-26828

OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via...

8.8CVSS

8.6AI Score

0.012EPSS

2021-06-11 12:15 PM

cve

CVE-2018-20818

A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other...

9.8CVSS

10AI Score

0.003EPSS

2019-04-22 11:29 AM