Sdg Pnpscada vulnerabilities
2 known vulnerabilities affecting sdg/pnpscada.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2023-1934P2HIGHCVSS 7.5PoCv2.2008162040202023-05-12
CVE-2023-1934 [HIGH] CWE-89 CVE-2023-1934: The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated er
The PnPSCADA system, a product of SDG Technologies CC, is afflicted by a critical unauthenticated error-based PostgreSQL Injection vulnerability. Present within the hitlogcsv.jsp endpoint, this security flaw permits unauthenticated attackers to engage with the underlying database seamlessly and passively. Consequently, malicious actors could gain access
nvd
CVE-2020-24841P2CRITICALCVSS 9.8v2.2008162040202021-02-16
CVE-2020-24841 [CRITICAL] CWE-89 CVE-2020-24841: PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this
PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
nvd