Product
schneider electric u.motion builder
24 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2018-7841
CVE-2018-7787
CVE-2018-7786
CVE-2018-7785
CVE-2018-7777
CVE-2018-7776
CVE-2018-7774
CVE-2018-7773
CVE-2018-7772
CVE-2018-7771
CVE-2018-7769
CVE-2018-7768
CVE-2018-7767
CVE-2018-7766
CVE-2018-7765
CVE-2018-7764
CVE-2018-7763
CVE-2017-9960
CVE-2017-9959
CVE-2017-9958
CVE-2017-9957
CVE-2017-9956
CVE-2017-7974
CVE-2017-7973
all versions
A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unwanted code execution
< 1.3.4
In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of inpu
< 1.3.4
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which
< 1.3.4
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass.
< 1.3.4
The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.mo
< 1.3.4
The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System informa
< 1.3.4
The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.
< 1.3.4
The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3
< 1.3.4
The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder
< 1.3.4
The vulnerability exists within processing of editscript.php in Schneider Electric U.motion Builder software versions prior to v1.
< 1.3.4
The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3
< 1.3.4
The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v
< 1.3.4
The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.
< 1.3.4
The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to
< 1.3.4
The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions pri
< 1.3.4
The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. The
< 1.3.4
The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' pa
<= 1.2.1
An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which
<= 1.2.1
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the system accepts rebo
<= 1.2.1
An improper access control vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in whic
<= 1.2.1
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which the web service contain
<= 1.2.1
An authentication bypass vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which
<= 1.2.1
A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and
<= 1.2.1
A SQL injection vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior in which an unauth