Vulnerabilities > Lcds > Laquis Scada > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-25 | CVE-2021-32989 | Unspecified vulnerability in Lcds Laquis Scada When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting. | 6.1 |
| 2020-05-04 | CVE-2020-10618 | Information Exposure vulnerability in Lcds Laquis Scada LCDS LAquis SCADA Versions 4.3.1 and prior. | 5.5 |
| 2019-02-05 | CVE-2018-19000 | Improper Authentication vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870 LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data. | 5.3 |
| 2019-02-05 | CVE-2018-18990 | Path Traversal vulnerability in Lcds Laquis Scada 4.1/4.1.0.3391/4.1.0.3870 LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. | 5.3 |
| 2018-04-17 | CVE-2017-6020 | Path Traversal vulnerability in Lcds Laquis Scada 4.1 Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level. | 5.3 |