65 matches found
HUAWEI EMUI/Magic UI 安全漏洞
Huawei Emui is a mobile operating system developed on Android. magic Ui is a mobile operating system developed on Android. a security vulnerability exists in Huawei Emui and Magic UI, which stems from improper access control of the video module. An attacker could exploit this vulnerability to...
CVE-2021-40063
Technical details for CVE-2021-40063 are not publicly available in the provided documents. Monitor for updates.
CVE-2021-40063
There is an improper access control vulnerability in the video module. Successful exploitation of this vulnerability may affect confidentiality...
PHP Melody v3.0 - (submitted) Persistent XSS Vulnerability
Document Title: =============== PHP Melody v3.0 - submitted Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2292 Bulletin: https://www.phpsugar.com/blog/2021/09/php-melody-3-0-vulnerability-report-fix/ Release Date:...
PT-2021-7406 · Qualcomm · Qualcomm Snapdragon Mobile +5
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Auto versions affected versions not specified Qualcomm Snapdragon Compute versions affected versions not specified Qualcomm Snapdragon Connectivity versions affected versions not specified Qualcomm Snapdragon Industrial IO...
armlsblog.com XSS vulnerability
Open Bug Bounty ID: OBB-625537 Description| Value ---|--- Affected Website:| armlsblog.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
PHPCMS /phpcms/modules/video/video_for_ck.php SQL注入
No description provided by source...
CVE-2015-3362
Cross-site scripting XSS vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title...
Cross site scripting
Cross-site scripting XSS vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title...
CVE-2015-3362
CVE-2015-3362 affects Drupal’s Video module (7.x-2.x) prior to 7.x-2.11. The vulnerability arises from insufficient sanitization of node titles when using the video WYSIWYG plugin, enabling XSS by remote authenticated users. Affected versions are Video 7.x-2.x from 7.x-2.2-beta1 through 7.x-2.10....
CVE-2015-3362
Cross-site scripting XSS vulnerability in the Video module before 7.x-2.11 for Drupal, when using the video WYSIWYG plugin, allows remote authenticated users to inject arbitrary web script or HTML via a node title...
Multiple Cross-Site Scripting Vulnerabilities in Drupal Video Module
Drupal is a free and open source content management system developed in PHP. Multiple cross-site scripting vulnerabilities exist in the Drupal Video module because it fails to properly filter user-supplied input. An attacker could potentially exploit these vulnerabilities to execute arbitrary...
SA-CONTRIB-2015-018 - Video - Cross Site Scripting (XSS)
This module enables you to upload, convert and playback videos. The module doesn't sufficiently sanitize node titles when using the video WYSIWYG plugin, thereby opening a Cross Site Scripting XSS vulnerability. This vulnerability is mitigated by the fact that an attacker must have a role with th...
CVE-2013-0224
The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file...
Code injection
The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file...
CVE-2013-0224
The CVE-2013-0224 vulnerability affects the Drupal Video module (7.x-2.x) prior to 7.x-2.9 when using the FFmpeg transcoder. A local attacker can cause arbitrary PHP code execution by modifying a temporary PHP file used to store FFmpeg-related data; exploitation relies on write access to that tem...
CVE-2013-0224
The Video module 7.x-2.x before 7.x-2.9 for Drupal, when using the FFmpeg transcoder, allows local users to execute arbitrary PHP code by modifying a temporary PHP file...
Drupal Video Module 任意PHP代码执行漏洞
BUGTRAQ ID: 57525 Drupal是一款开源的内容管理平台。 Drupal Video 7.x-2.x模块存在任意PHP代码执行漏洞,攻击者可利用此漏洞在Web服务器上下文中执行任意PHP代码。 0 Drupal Video module 厂商补丁: Drupal ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://drupal.org/project/video...
Social Engine v4.2.5 - Multiple Web Vulnerabilities
Title: ====== Social Engine v4.2.5 - Multiple Web Vulnerabilities Date: ===== 2012-07-31 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=672 VL-ID: ===== 672 Common Vulnerability Scoring System: ==================================== 3 Abstract: ========= A Laboratory...
CVE-2012-2154
Cross-site scripting XSS vulnerability in the CDN2 Video module 6.x for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...