Vulnerabilities > Meteocontrol

DATE	CVE	VULNERABILITY TITLE	RISK
2017-03-21	CVE-2016-4504	Cross-Site Request Forgery (CSRF) vulnerability in Meteocontrol Weblog A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. network low complexity meteocontrol CWE-352	8.8
2016-05-14	CVE-2016-2298	Information Exposure vulnerability in Meteocontrol products Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors. network low complexity meteocontrol CWE-200 critical	9.8
2016-05-14	CVE-2016-2297	Unspecified vulnerability in Meteocontrol products Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to execute arbitrary commands via an "access command shell-like feature." network low complexity meteocontrol critical	9.4
2016-05-14	CVE-2016-2296	7PK - Security Features vulnerability in Meteocontrol products Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify data via unspecified vectors. network low complexity meteocontrol CWE-254 critical	9.4

Vulnerabilities > Meteocontrol {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Meteocontrol"}]}