VYPR
Vendor

Scada Lts

Products
4
CVEs
53
Across products
53
Status
Private

Products

4

Recent CVEs

53
View all 53 CVEs →
  • CVE-2024-47407CriNov 22, 2024
    risk 0.74cvss 10.0epss 0.64

    A parameter within a command does not properly validate input within myPRO Manager which could be exploited by an unauthenticated remote attacker to inject arbitrary operating system commands.

  • CVE-2025-20061CriJan 29, 2025
    risk 0.64cvss 9.8epss 0.01

    mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system.

  • CVE-2025-20014CriJan 29, 2025
    risk 0.64cvss 9.8epss 0.01

    mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affected system.

  • CVE-2018-11311CriMay 20, 2018
    risk 0.63cvss 9.1epss 0.16

    A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.

  • CVE-2017-12730HigOct 6, 2017
    risk 0.51cvss 7.8epss 0.01

    An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. Application services utilize unquoted search path elements, which could allow an attacker to execute arbitrary code with elevated privileges.

  • CVE-2025-13791MedNov 30, 2025
    risk 0.41cvss 6.3epss 0.00

    A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common.getHomeDir of the file br/org/scadabr/vo/exporter/ZIPProjectManager.java of the component Project Import. Such manipulation leads to path traversal. The attack may be launched remotely.…

  • CVE-2018-11517MedMay 28, 2018
    risk 0.35cvss 5.3epss 0.02

    mySCADA myPRO 7 allows remote attackers to discover all ProjectIDs in a project by sending all of the prj parameter values from 870000 to 875000 in t=0&rq=0 requests to TCP port 11010.

  • CVE-2025-13790MedNov 30, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early…

  • CVE-2025-9139MedAug 19, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file /Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr. Executing manipulation can lead to information disclosure. The attack may be performed from a remote…

  • CVE-2025-9388LowAug 24, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was determined in Scada-LTS up to 2.7.8.1. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been publicly…

  • CVE-2025-9235LowAug 20, 2025
    risk 0.23cvss 3.5epss 0.00

    A flaw has been found in Scada-LTS up to 2.7.8.1. The impacted element is an unknown function of the file compound_events.shtm. This manipulation of the argument Name causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published…

  • CVE-2025-9234LowAug 20, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenance_events.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and…

  • CVE-2025-9233LowAug 20, 2025
    risk 0.23cvss 3.5epss 0.00

    A security vulnerability has been detected in Scada-LTS up to 2.7.8.1. Impacted is an unknown function of the file view_edit.shtm. The manipulation of the argument Name leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed…

  • CVE-2025-9145LowAug 19, 2025
    risk 0.23cvss 3.5epss 0.00

    A security vulnerability has been detected in Scada-LTS 2.7.8.1. This issue affects some unknown processing of the file view_edit.shtm of the component SVG File Handler. Such manipulation of the argument backgroundImageMP leads to cross site scripting. The attack can be launched…

  • CVE-2025-9144LowAug 19, 2025
    risk 0.23cvss 3.5epss 0.00

    A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerability affects unknown code of the file publisher_edit.shtm. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the…

  • CVE-2025-9143LowAug 19, 2025
    risk 0.23cvss 3.5epss 0.00

    A security flaw has been discovered in Scada-LTS 2.7.8.1. This affects an unknown part of the file mailing_lists.shtm. The manipulation of the argument name/userList/address results in cross site scripting. It is possible to launch the attack remotely. The exploit has been…

  • CVE-2025-9138LowAug 19, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability was found in Scada-LTS 2.7.8.1. Affected is an unknown function of the file pointHierarchy/new/. Performing manipulation of the argument Title results in cross site scripting. The attack is possible to be carried out remotely. The exploit has been made public and…

  • CVE-2025-9137LowAug 19, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduled_events.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and…

  • CVE-2025-8743LowAug 8, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic has been found in Scada-LTS up to 2.7.8.1. This affects an unknown part of the file /data_source_edit.shtm of the component Virtual Data Source Property Handler. The manipulation of the argument Name leads to cross site scripting. It is…

  • CVE-2025-7729LowJul 17, 2025
    risk 0.23cvss 3.5epss 0.00

    A vulnerability classified as problematic was found in Scada-LTS up to 2.7.8.1. Affected by this vulnerability is an unknown functionality of the file usersProfiles.shtm. The manipulation of the argument Username leads to cross site scripting. The attack can be launched…