MG Strategy+ - KasperskyThreat Landscape for Industrial Automation Systems H1 2018 – Kaspersky Lab ICS CERT

MG Strategy+

Cybersecurity Data Services

Join Now-Sign Up
Log In

Threat Landscape for Industrial Automation Systems H1 2018 – Kaspersky Lab ICS CERT

Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
MGS+ EPCM Workgroup
MGS+ ICS Workgroup
MGS+ Operational Efficiencies Workgroup
MGS+ Partners
Uncategorized

001 MGS Alerts Advisories

CVE-2024-35780 | Live Composer Team Page Builder Plugin up to 1.5.42 on WordPress deserialization
CVE-2023-48759 | Crocoblock JetElements for Elementor Plugin up to 2.6.13 on WordPress authorization
CVE-2024-35765 | Wpsoul Greenshift Plugin up to 8.8.9.1 on WordPress cross site scripting
Cryptographic Accumulators in Rust
CVE-2024-6195 | itsourcecode Tailoring Management System 1.0 orderadd.php customer sql injection
CVE-2024-6194 | itsourcecode Tailoring Management System 1.0 editmeasurement.php id sql injection
CVE-2024-6196 | itsourcecode Banking Management System 1.0 admin_class.php username sql injection
CVE-2024-6193 | itsourcecode Vehicle Management System 1.0 driverprofile.php driverid sql injection
CVE-2024-6196 | itsourcecode Banking Management System 1.0 admin_class.php username sql injection
CVE-2024-6188 | Parsec Automation TrackSYS 11.x.x pagedefinition ID direct request
CVE-2024-6194 | itsourcecode Tailoring Management System 1.0 editmeasurement.php id sql injection
CVE-2024-6193 | itsourcecode Vehicle Management System 1.0 driverprofile.php driverid sql injection
CVE-2024-6189 | Tenda A301 15.13.08.12 /goform/WifiExtraSet fromSetWirelessRepeat wpapsk_crypto stack-based overflow
CVE-2024-6190 | itsourcecode Farm Management System 1.0 Login index.php username sql injection
CVE-2024-6195 | itsourcecode Tailoring Management System 1.0 orderadd.php customer sql injection
VDB-269161 | Backdoor.Win32.Plugx McAfeeOEMInfoOME Service mcutil.dll permission
CVE-2024-6191 | itsourcecode Student Management System 1.0 Login Page login.php user sql injection
CVE-2024-6192 | itsourcecode Loan Management System 1.0 Login Page login.php username sql injection
CVE-2005-0709 | Sun MySQL up to 4.1.10 udf_init code injection (Nessus ID 21926 / ID 117956)
CVE-2006-0844 | Leif M. Wright Web Blog 3.5 Blog.CGI Remote Code Execution (XFDB-24755 / BID-16714)
CVE-2006-0781 | PerlBlog 1.08/1.09/1.09b weblog.pl month path traversal (XFDB-24690 / BID-16707)
CVE-2020-11457 | pfSense up to 2.4.4 WebGUI system_usermanager_addprivs.php descr Stored cross site scripting (ID 157104 / EDB-48300)
CVE-2005-0741 | YaBB 2.0 Rc1 yabb.pl username cross site scripting (Nessus ID 17305 / XFDB-19671)
CVE-2006-0843 | Leif M. Wright Web Blog 3.5 information disclosure (XFDB-24752 / BID-16712)
CVE-2006-0780 | PerlBlog 1.08/1.09/1.09b weblog.pl cross site scripting (XFDB-24691 / BID-16707)
CVE-2006-0782 | PerlBlog 1.08/1.09/1.09b weblog.pl body memory corruption (XFDB-24692 / BID-16707)
CVE-2006-0377 | SquirrelMail up to 1.4.6 Rc1 IMAP mailbox unknown vulnerability (Nessus ID 21992 / ID 117709)
CVE-2006-0845 | Leif M. Wright Web Blog 3.5 privileges management (XFDB-24757 / SA18923)
CVE-2006-1481 | PHP Ticket 0.71 search.php frm_search_in sql injection (EDB-1609 / XFDB-25436)
CVE-2019-7051 | Adobe Acrobat Reader null pointer dereference (APSB19-07 / ID 371638)
CVE-2023-3204 | Materialis Plugin up to 1.1.24 on WordPress Options authorization
CVE-2024-3597 | Export WP Page to Static HTML-CSS Plugin up to 2.2.2 on WordPress redirect
CVE-2023-36512 | Woo AutomateWoo Plugin up to 5.7.5 on WordPress authorization
CVE-2023-35050 | Elementor Pro Plugin up to 3.13.0 on WordPress authorization
CVE-2024-34444 | ThemePunch OHG Slider Revolution Plugin up to 6.6.x on WordPress authorization
CVE-2024-3605 | WP Hotel Booking Plugin up to 2.1.0 on WordPress sql injection
CVE-2024-3562 | Custom Field Suite Plugin up to 2.6.7 on WordPress Loop Custom Field code injection
CVE-2023-36676 | Brainstorm Force Spectra Plugin up to 2.6.6 on WordPress authorization
CVE-2024-3627 | Wheel of Life Plugin up to 1.1.7 on WordPress AJAX Endpoint authorization
CVE-2024-3602 | Pop Ups, Exit Intent Popups, Email Popups, Banners, Bars, Countdowns and Cart Savers Plugin authorization
CVE-2024-34443 | ThemePunch OHG Slider Revolution Plugin up to 6.7.10 on WordPress cross site scripting
CVE-2024-35765 | Wpsoul Greenshift Plugin bis 8.8.9.1 auf WordPress Cross Site Scripting
CVE-2024-35780 | Live Composer Team Page Builder Plugin bis 1.5.42 auf WordPress erweiterte Rechte
CVE-2023-47681 | QuadLayers WooCommerce Checkout Manager Plugin bis 7.3.0 auf WordPress erweiterte Rechte
CVE-2023-45658 | Posimyth Nexter Plugin up to 2.0.3 on WordPress authorization
CVE-2024-5432 | Lifeline Donation Plugin up to 1.2.6 on WordPress improper authentication
CVE-2023-39998 | Muffingroup Betheme Plugin up to 27.1.1 on WordPress authorization
CVE-2022-26925 | Microsoft Windows up to Server 2022 LSA Remote Code Execution
CVE-2022-4710 | Royal Elementor Addons Plugin up to 1.3.59 on WordPress data_fetch wpr_ajax_search_link_target cross site scripting
CVE-2022-4702 | Royal Elementor Addons Plugin up to 1.3.59 on WordPress AJAX Action wpr_fix_royal_compatibility access control

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Wednesday, July 16, 2025

Disclaimer |
Terms |
Privacy
About-Services |
Blog-Reports
YouTube
Pinterest
LinkedIn
Twitter
LinkedIn
Twitter
Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Register Now

Hello

Your Account Type is
Your Mail Id is
Your Username is

PDF Library Search

Security Briefing Search

Kaspersky Search

Reset Password

Reset Password

You have no permission to access this content