Vulnerabilities (CVE)

Filtered by vendor Scadabr Subscribe
Filtered by product Scadabr
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-16344 1 Scadabr 1 Scadabr 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
CVE-2019-16321 1 Scadabr 1 Scadabr 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO.