CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-34080

The Contec Co.,Ltd. CONPROSYS HMI System (CHS) is vulnerable to Cross-Site Scripting (XSS) in the getqsetting.php functionality that could allow reflected execution of scripts in the browser on interaction.This issue affects CONPROSYS HMI System (CHS): before 3.7.7.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 15.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://jvn.jp/en/vu/JVNVU92266386/

Products affected by CVE-2025-34080

Contec » Conprosys Hmi System » Version: N/A

cpe:2.3:a:contec:conprosys_hmi_system:-
Contec » Conprosys Hmi System » Version: 3.3.0

cpe:2.3:a:contec:conprosys_hmi_system:3.3.0
Contec » Conprosys Hmi System » Version: 3.4.3

cpe:2.3:a:contec:conprosys_hmi_system:3.4.3
Contec » Conprosys Hmi System » Version: 3.4.4

cpe:2.3:a:contec:conprosys_hmi_system:3.4.4
Contec » Conprosys Hmi System » Version: 3.4.5

cpe:2.3:a:contec:conprosys_hmi_system:3.4.5
Contec » Conprosys Hmi System » Version: 3.5.0

cpe:2.3:a:contec:conprosys_hmi_system:3.5.0
Contec » Conprosys Hmi System » Version: 3.5.1

cpe:2.3:a:contec:conprosys_hmi_system:3.5.1
Contec » Conprosys Hmi System » Version: 3.5.2

cpe:2.3:a:contec:conprosys_hmi_system:3.5.2
Contec » Conprosys Hmi System » Version: 3.5.3

cpe:2.3:a:contec:conprosys_hmi_system:3.5.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-34080

Products

Pricing

Contact Us