Vulnerabilities (CVE)

Filtered by vendor Spidercontrol Subscribe
Filtered by product Scada Webserver
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18991 1 Spidercontrol 1 Scada Webserver 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim's browser.
CVE-2017-12728 1 Spidercontrol 1 Scada Webserver 2024-02-04 7.2 HIGH 7.8 HIGH
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2.02.0007 and prior. Authenticated, non-administrative local users are able to alter service executables with escalated privileges, which could allow an attacker to execute arbitrary code under the context of the current system services.