261081
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0667
|
2013-03-22 22:38 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261082
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0672
|
2013-03-22 22:36 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261083
|
- |
|
askia
|
askiaweb
|
Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgH…
|
CWE-89
SQL Injection
|
CVE-2013-0123
|
2013-03-22 13:00 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261084
|
- |
|
askia
|
askiaweb
|
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to inject arbitrary web script or HTML via the (1) Number or (2) UpdatePag…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0124
|
2013-03-22 13:00 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261085
|
- |
|
siemens
|
wincc_tia_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0668
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261086
|
- |
|
siemens
|
wincc_tia_portal
|
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0669
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261087
|
- |
|
siemens
|
wincc_tia_portal
|
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra…
|
CWE-20
Improper Input Validation
|
CVE-2013-0670
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261088
|
- |
|
siemens
|
wincc_tia_portal
|
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2013-0671
|
2013-03-22 13:00 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261089
|
- |
|
siemens
|
simatic_pcs7 wincc
|
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated…
|
CWE-255
Credentials Management
|
CVE-2013-0678
|
2013-03-22 13:00 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261090
|
- |
|
websense
|
websense_content_content_gateway
|
Multiple cross-site scripting (XSS) vulnerabilities in monitor/m_overview.ink in Websense Content Gateway before 7.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) menu o…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2984
|
2013-03-22 12:11 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|