Vulnerabilities > APC > Powerchute > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-08-31 CVE-2020-7526 Improper Input Validation vulnerability in APC Powerchute 9.0.1.606
Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event.
network
low complexity
apc CWE-20
6.5
2011-12-07 CVE-2011-4263 Cross-Site Scripting vulnerability in APC Powerchute 6.0/7.0.4/7.1
Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
apc CWE-79
4.3
2004-12-31 CVE-2004-2046 Denial Of Service vulnerability in APC Powerchute 6.0/7.1
Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack vectors.
network
low complexity
apc
5.0
2002-12-31 CVE-2002-1924 Unspecified vulnerability in APC Powerchute 5.0.2
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory.
network
low complexity
apc
5.0