Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-10-13 CVE-2016-8565 Improper Access Control vulnerability in Siemens Automation License Manager 5.3
Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files, rename files, create directories, or delete directories via crafted packets.
network
low complexity
siemens CWE-284
6.4
6.4
2016-10-13 CVE-2016-8564 SQL Injection vulnerability in Siemens Automation License Manager 5.3
SQL injection vulnerability in Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to execute arbitrary SQL commands via crafted traffic to TCP port 4410.
network
low complexity
siemens CWE-89
6.4
6.4
2016-10-13 CVE-2016-8563 Improper Input Validation vulnerability in Siemens Automation License Manager 5.3
Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause a denial of service (ALM service outage) via crafted packets to TCP port 4410.
network
low complexity
siemens CWE-20
5.0
5.0
2016-10-10 CVE-2016-1000155 Cross-site Scripting vulnerability in Wpsolr Wpsolr-Search-Engine 7.6
Reflected XSS in wordpress plugin wpsolr-search-engine v7.6
network
wpsolr CWE-79
4.3
4.3
2016-10-10 CVE-2016-1000154 Cross-site Scripting vulnerability in Browserweb Whizz
Reflected XSS in wordpress plugin whizz v1.0.7
network
browserweb CWE-79
4.3
4.3
2016-10-10 CVE-2016-1000153 Cross-site Scripting vulnerability in Tidio-Gallery Project Tidio-Gallery 1.1
Reflected XSS in wordpress plugin tidio-gallery v1.1 		4.3
4.3
2016-10-10 CVE-2016-1000152 Cross-site Scripting vulnerability in Tidio-Form Project Tidio-Form 1.0
Reflected XSS in wordpress plugin tidio-form v1.0 		4.3
4.3
2016-10-10 CVE-2016-1000151 Cross-site Scripting vulnerability in Tera-Charts Project Tera-Charts 1.0
Reflected XSS in wordpress plugin tera-charts v1.0 		4.3
4.3
2016-10-10 CVE-2016-1000150 Cross-site Scripting vulnerability in Oxil Simplified-Content 1.0.0
Reflected XSS in wordpress plugin simplified-content v1.0.0
network
oxil CWE-79
4.3
4.3
2016-10-10 CVE-2016-1000149 Cross-site Scripting vulnerability in Simpel-Reserveren Project Simpel-Reserveren 3.5.2
Reflected XSS in wordpress plugin simpel-reserveren v3.5.2 		4.3
4.3