| Max CVSS | 7.8 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2014-5399 | 7.5 |
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
02-11-2015 - 18:06 | 28-08-2014 - 01:55 | |
| CVE-2014-5397 | 4.3 |
Cross-site scripting (XSS) vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
21-10-2015 - 16:21 | 28-08-2014 - 01:55 | |
| CVE-2014-5398 | 2.1 |
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, related to
|
28-08-2014 - 15:22 | 28-08-2014 - 01:55 | |
| CVE-2014-2381 | 2.1 |
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows local users to obtain sensitive information by reading a credential file. <a href="http://cwe.mitre.org/data/definitions/326.html" ta
|
28-08-2014 - 15:07 | 28-08-2014 - 01:55 | |
| CVE-2014-2380 | 7.8 |
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak encryption, which allows remote attackers to obtain sensitive information by reading a credential file. <a href="http://cwe.mitre.org/data/definitions/326.htm
|
28-08-2014 - 15:01 | 28-08-2014 - 01:55 |