CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-7526
https://notcve.org/view.php?id=CVE-2020-7526
Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event. Se presenta una vulnerabilidad de Comprobación de Entrada Inapropiada en PowerChute Business Edition (versiones de software V9.0.x y anteriores) que podría causar una ejecución de código remota cuando es ejecutado un script durante un evento de apagado • https://www.se.com/ww/en/download/document/SEVD-2020-224-05 • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0CVE-2011-4263
https://notcve.org/view.php?id=CVE-2011-4263
Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Schneider Electric PowerChute Business Edition antes de v8.5, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://jvn.jp/en/jp/JVN61695284/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2011-000100 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-4326
https://notcve.org/view.php?id=CVE-2005-4326
The web interface for American Power Conversion (APC) PowerChute Network Shutdown performs all communication in cleartext (base64-encoded), which allows remote attackers to sniff authentication credentials. • http://nam-en.apc.com/cgi-bin/nam_en.cfg/php/enduser/std_adp.php?p_faqid=7330 http://securitytracker.com/alerts/2005/Nov/1015250.html https://exchange.xforce.ibmcloud.com/vulnerabilities/23183 •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 0CVE-2004-2046
https://notcve.org/view.php?id=CVE-2004-2046
Unknown vulnerability in APC PowerChute Business Edition 6.0 through 7.0.1 allows remote attackers to cause a denial of service via unknown attack vectors. • http://marc.info/?l=bugtraq&m=109061480026378&w=2 http://secunia.com/advisories/12124 http://securitytracker.com/id?1010745 http://www.osvdb.org/8187 http://www.securityfocus.com/bid/10777 https://exchange.xforce.ibmcloud.com/vulnerabilities/16767 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2002-1924
https://notcve.org/view.php?id=CVE-2002-1924
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory. • http://online.securityfocus.com/archive/1/277930 http://www.iss.net/security_center/static/9413.php http://www.security.nnov.ru/news2064.html http://www.securityfocus.com/bid/5069 •