Filtered by vendor Openplcproject
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-31630 | 1 Openplcproject | 2 Openplc V3, Openplc V3 Firmware | 2022-05-03 | 8.8 High |
| Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application. | ||||
| CVE-2021-3351 | 1 Openplcproject | 1 Openplc | 2021-08-09 | 5.4 Medium |
| OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device page. | ||||
| CVE-2021-26828 | 1 Openplcproject | 1 Scadabr | 2021-06-21 | 8.8 High |
| OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm. | ||||
| CVE-2021-26829 | 1 Openplcproject | 1 Scadabr | 2021-06-21 | 5.4 Medium |
| OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows stored XSS via system_settings.shtm. | ||||
| CVE-2018-20818 | 1 Openplcproject | 4 Openplc V2, Openplc V2 Firmware, Openplc V3 and 1 more | 2019-04-23 | N/A |
| A buffer overflow vulnerability was discovered in the OpenPLC controller, in the OpenPLC_v2 and OpenPLC_v3 versions. It occurs in the modbus.cpp mapUnusedIO() function, which can cause a runtime crash of the PLC or possibly have unspecified other impact. | ||||
Page 1 of 1.