|
291801
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly represent WebNavigator credentials in a database, which makes it easier for remote authenticated…
|
CWE-255
Credentials Management
|
CVE-2013-0678
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291802
|
- |
|
siemens
|
simatic_pcs7
wincc
|
The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a craft…
|
CWE-200
Information Exposure
|
CVE-2013-0677
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291803
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote auth…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2013-0676
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291804
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a deni…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0675
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291805
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long p…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0674
|
2024-11-21 10:47 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291806
|
- |
|
siemens
|
wincc_tia_portal
|
Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0672
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291807
|
- |
|
siemens
|
wincc_tia_portal
|
Directory traversal vulnerability in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to read HMI web-application source code and user-defined scripts via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2013-0671
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291808
|
- |
|
siemens
|
wincc_tia_portal
|
CRLF injection vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a cra…
|
CWE-20
Improper Input Validation
|
CVE-2013-0670
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291809
|
- |
|
siemens
|
wincc_tia_portal
|
The HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to cause a denial of service (daemon crash) via a crafted HTTP request.
|
CWE-20
Improper Input Validation
|
CVE-2013-0669
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291810
|
- |
|
siemens
|
wincc_tia_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in the HMI web application in Siemens WinCC (TIA Portal) 11 allow remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0668
|
2024-11-21 10:47 |
2013-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
