VYPR
Vendor

Cmscontrol

Products
5
CVEs
4
Across products
6
Status
Private

Products

5

Recent CVEs

4
  • CVE-2009-3326Sep 23, 2009
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in CMScontrol Content Management System 7.x allows remote attackers to execute arbitrary SQL commands via the id_menu parameter.

  • CVE-2023-6333Dec 7, 2023
    risk 0.00cvss epss 0.00

    The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session.

  • CVE-2018-18882Mar 17, 2019
    risk 0.00cvss epss 0.01

    A stored cross-site scripting (XSS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can inject arbitrary script via setup.html in the web interface.

  • CVE-2018-18881Mar 17, 2019
    risk 0.00cvss epss 0.02

    A Denial of Service (DOS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. An authenticated user can configure invalid network settings, stopping TCP based communications to the device. A…