Skip to main content

Smartpower Web

7 CVEs product

Monthly

CVE-2022-45091 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).01.01. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Smartpower Web
NVD VulDB
CVSS 3.1
5.4
EPSS
0.2%
CVE-2022-45090 HIGH This Week

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection.01.01. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Smartpower Web
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-45089 HIGH This Week

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection.01.01. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Smartpower Web
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-45088 CRITICAL Act Now

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion.01.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Smartpower Web
NVD VulDB
CVSS 3.1
9.8
EPSS
0.4%
CVE-2022-45087 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).01.01. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Smartpower Web
NVD VulDB
CVSS 3.1
6.1
EPSS
0.2%
CVE-2022-45086 MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).01.01. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Smartpower Web
NVD VulDB
CVSS 3.1
5.4
EPSS
0.2%
CVE-2022-45085 MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in Group Arge Energy and Control Systems Smartpower Web allows : Server Side Request Forgery.01.01. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Smartpower Web
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).01.01. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Smartpower Web
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection.01.01. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Smartpower Web
NVD VulDB
EPSS 0% CVSS 8.8
HIGH This Week

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection.01.01. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Smartpower Web
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion.01.01. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Smartpower Web
NVD VulDB
EPSS 0% CVSS 6.1
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).01.01. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Smartpower Web
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).01.01. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Smartpower Web
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM This Month

Server-Side Request Forgery (SSRF) vulnerability in Group Arge Energy and Control Systems Smartpower Web allows : Server Side Request Forgery.01.01. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Smartpower Web
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy