Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-18991 | 1 Spidercontrol | 1 Scada Webserver | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser. | |||||
CVE-2017-12728 | 1 Spidercontrol | 1 Scada Webserver | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services. |