漏洞描述
SIAM Industria de Automação e Monitoramento SIAM是SIAM Industria de Automação e Monitoramento的一款用于管理和配置自动化设备、用户权限及相关功能的软件。 SIAM Industria de Automação e Monitoramento SIAM 2.0版本存在代码注入漏洞,该漏洞源于/qrcode.jsp文件的url参数包含一个跨站脚本问题。
SIAM Industria de Automação e Monitoramento SIAM 代码注入漏洞
PoC代码
暂无相关漏洞推荐
- Ksenia Security Lares 4.0 Home Automation 安全漏洞
- POC CVE-2021-4374: WordPress Automatic Plugin - Unauthenticated Options Change
- Progress Chef Automate /api/v0/compliance/profiles/search SQL 注入漏洞(CVE-2025-8868)
- (CVE-2025-8868)Chef Automate SQL注入漏洞
- WordPress Automatic 插件 /wp-content/plugins/wp-automatic/inc/csv.php SQL 注入漏洞(CVE-2024-27956)
- POC CVE-2021-41291: ECOA Building Automation System - Directory Traversal Content Disclosure
- POC CVE-2021-41293: ECOA Building Automation System - Arbitrary File Retrieval
- POC CVE-2022-22972: VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass
- POC CVE-2022-26833: Open Automation Software OAS Platform V16.00.0121 - Missing Authentication
- POC CVE-2024-27954: WordPress Automatic Plugin <3.92.1 - Arbitrary File Download and SSRF
- POC CVE-2024-27956: WordPress Automatic Plugin <= 3.92.0 - SQL Injection
- POC CVE-2024-6922: Automation Anywhere Automation 360 - Server-Side Request Forgery
- POC CVE-2024-9186: Automation By Autonami < 3.3.0 - SQL Injection