Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Schneider Electric SE U.motion Builder

Version U.motion Builder, all versions prior to 1.3.4

OTHER 4 CVEs

Known Vulnerabilities

CVE-2018-7784

In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application.

UNKNOWN Published Jul 03, 2018

CVE-2018-7785

In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass.

UNKNOWN Published Jul 03, 2018

CVE-2018-7786

In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts.

UNKNOWN Published Jul 03, 2018

CVE-2018-7787

In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request.

UNKNOWN Published Jul 03, 2018