7637 matches found
CVE-2009-2046
CVE-2009-2046 affects Cisco Video Surveillance 2500 Series IP Camera firmware before 2.1. The embedded web server on the camera’s HTTP/HTTPS interfaces (SD Camera Web Server and Wireless Camera HTTP Server) allows remote access to read arbitrary files, exposing sensitive data. Root cause is an in...
Design/Logic Flaw
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the nextfile parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerabili...
CVE-2009-1555
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by reading the SetupWizard.exe process memory, a...
CVE-2009-1557
Multiple cross-site scripting XSS vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the nextfile parameter to 1 main.cgi, 2 img/main.cgi, or 3 adm/file.cgi; or 4 the thisfile...
CVE-2009-1559
Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the thisfile parameter. NOTE: traversal via a .. dot dot is probably als...
CVE-2009-1560
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 stores passwords and wireless-network keys in cleartext in 1 passwd.htm and 2 Wsecurity.htm, which allows remote attackers to obtain sensitive information by reading the HTML source code...
Directory traversal
Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter...
CVE-2009-1556
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the nextfile parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerabili...
CVE-2009-1555
The Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 sends configuration data in response to a Setup Wizard remote-management command, which allows remote attackers to obtain sensitive information such as passwords by reading the SetupWizard.exe process memory, a...
CVE-2009-1555
The CVE-2009-1555 entry concerns the Cisco Linksys WVC54GCA wireless video camera. Affected firmware is 1.00R22 and 1.00R24. The issue arises when the device responds to a Setup Wizard remote-management command by exposing configuration data, enabling remote attackers to obtain sensitive informat...
EUVD-2009-1554
Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter...
CVE-2009-1559
The CVE-2009-1559 entry relates to an absolute path traversal vulnerability in the adm/file.cgi component of the Cisco Linksys WVC54GCA wireless video camera. Affected firmware is listed as 1.00R24 and possibly 1.00R22. The vulnerability allows remote attackers to read arbitrary files by supplyin...
CVE-2009-1558
Cisco Linksys WVC54GCA cameras with firmware 1.00R22/1.00R24 are vulnerable to local file inclusion in adm/file.cgi via the next_file parameter (using %2e or an absolute pathname). This allows reading arbitrary files on the device. The Nuclei template confirms a Local File Inclusion against the s...
CVE-2009-1556
CVE-2009-1556 (Linksys WVC54GCA) affects Cisco Linksys WVC54GCA wireless video camera firmware 1.00R22 and 1.00R24. The flaw is in the img/main.cgi component, where an attacker with remote authentication can read arbitrary files from the img/ directory by supplying a filename in the next_file par...
Linksys WVC54GCA Wireless-G '/img/main.cgi' Information Disclosure
The remote host is a Linksys WVC54GCA network camera. The version of the firmware of the remote camera contains a flaw that allows authenticated users to download the .htpasswd file from the remote host, which gives them the ability to crack the passwords of other users, including the password of...
Fedora Update for kdegraphics FEDORA-2007-2985
Check for the Version of kdegraphics OpenVAS Vulnerability Test Fedora Update for kdegraphics FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
CVE-2008-6295
Multiple cross-site scripting XSS vulnerabilities in Camera Life 2.6.2b8 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.php and 2 rss.php; the query string after the image name in 3 photos/photo; the path parameter to 4 folder.php; page parameter and...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Camera Life 2.6.2b8 allow remote attackers to inject arbitrary web script or HTML via the q parameter to 1 search.php and 2 rss.php; the query string after the image name in 3 photos/photo; the path parameter to 4 folder.php; page parameter and...
CVE-2008-6295
CVE-2008-6295 concerns multiple XSS vulnerabilities in Camera Life 2.6.2b8. The affected software exposes several input vectors that allow injection of arbitrary script/HTML via query strings and URL params: (1) q parameter to search.php and rss.php; (2) the query string after the image name to p...
Fedora Update for zoneminder FEDORA-2008-3462
Check for the Version of zoneminder OpenVAS Vulnerability Test Fedora Update for zoneminder FEDORA-2008-3462 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...