261061
|
- |
|
siemens
|
simatic_pcs7 wincc
|
Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0674
|
2013-03-22 22:49 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261062
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0667
|
2013-03-22 22:38 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261063
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0672
|
2013-03-22 22:36 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261064
|
- |
|
askia
|
askiaweb
|
Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgH…
|
CWE-89
SQL Injection
|
CVE-2013-0123
|
2013-03-22 13:00 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261065
|
- |
|
askia
|
askiaweb
|
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to inject arbitrary web script or HTML via the (1) Number or (2) UpdatePag…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0124
|
2013-03-22 13:00 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261066
|
- |
|
siemens
|
wincc_tia_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0668
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261067
|
- |
|
siemens
|
wincc_tia_portal
|
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0669
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261068
|
- |
|
siemens
|
wincc_tia_portal
|
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra…
|
CWE-20
Improper Input Validation
|
CVE-2013-0670
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261069
|
- |
|
siemens
|
wincc_tia_portal
|
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2013-0671
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261070
|
- |
|
siemens
|
simatic_pcs7 wincc
|
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated…
|
CWE-255
Credentials Management
|
CVE-2013-0678
|
2013-03-22 13:00 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|