Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-7785 | 7.5 |
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass.
|
03-10-2019 - 00:03 | 03-07-2018 - 14:29 | |
CVE-2018-7784 | 7.5 |
In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or ca
|
30-09-2019 - 13:37 | 03-07-2018 - 14:29 | |
CVE-2018-7787 | 5.0 |
In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request.
|
28-08-2018 - 13:45 | 03-07-2018 - 14:29 | |
CVE-2018-7786 | 4.3 |
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts.
|
28-08-2018 - 13:44 | 03-07-2018 - 14:29 |