Skip to main content
CVE-2013-0672 LOW Monitor

Cross-site scripting (XSS) vulnerability in the HMI web application in Siemens WinCC (TIA Portal) 11 allows remote authenticated users to inject arbitrary web script or HTML via unspecified data. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Siemens XSS Wincc Tia Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-0453 LOW Monitor

Cross-site scripting (XSS) vulnerability in Web Reports in IBM Tivoli Endpoint Manager (TEM) before 8.2.1372 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Tivoli Endpoint Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2013-1427 LOW Monitor

The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP. Rated low severity (CVSS 1.9). No vendor patch available.

PHP Debian Authentication Bypass Lighttpd
NVD
CVSS 2.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy