Vulnerabilities > Scadabr

DATE CVE VULNERABILITY TITLE RISK
2019-10-14 CVE-2019-16344 Cross-site Scripting vulnerability in Scadabr 1.0Ce
A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR/login.htm) in ScadaBR 1.0CE allows a remote attacker to inject arbitrary web script or HTML via the username or password parameter.
network
low complexity
scadabr CWE-79
6.1
2019-09-15 CVE-2019-16321 Cross-site Scripting vulnerability in Scadabr 1.0Ce/1.1.0
ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO.
network
low complexity
scadabr CWE-79
6.1