Dreambox WebControl 2.0.0 - Cross-Site Scripting

Dream Multimedia Dreambox devices via their WebControl component are vulnerable to reflected cross-site scripting, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI. id: CVE-2017-15287 info: name: Dreambox WebControl 2.0.0 - Cross-Site Scripting author:...

EUVD-2017-6744

Malware in sbrugna...

Dream Multimedia Dreambox Device BouquetEditor WebPlugin Cross-Site Scripting Vulnerability

Dream Multimedia Dreambox devices is a Linux-based digital TV set-top box produced by Dream Multimedia, Germany.BouquetEditor WebPlugin is one of the plug-ins with channel naming, sorting and other functions. A cross-site scripting vulnerability exists in the BouquetEditor WebPlugin in Dream...

Dreambox Plugin BouquetEditor - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Vulnerability XSS - Dreambox Shodan Dork: Dreambox 200 Date: 12/10/2017 Exploit Author: Thiago "THX" Sena Vendor Homepage: https://www.dreamboxupdate.com Version: 2.0.0 Tested on: kali linux, windows 7, 8.1, 10 CVE :...

DreamBox BouquetEditor 2.0.0 Cross Site Scripting

Exploit Title: Vulnerability XSS - Dreambox Shodan Dork: Dreambox 200 Date: 12/10/2017 Exploit Author: Thiago "THX" Sena Vendor Homepage: https://www.dreamboxupdate.com Version: 2.0.0 Tested on: kali linux, windows 7, 8.1, 10 CVE : CVE-2017-15287 Vulnerabilty: Cross-site scripting XSS in plugin...

CVE-2017-15287

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

CVE-2017-15287

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

Cross site scripting

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

CVE-2017-15287

There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI...

CVE-2017-15287

Dream Multimedia Dreambox devices with the BouquetEditor WebPlugin (Dreambox WebControl 2.0.0) are vulnerable to reflected XSS, as shown in the Bouquet name field or the /file URI parameter. The issue is triggered via user-supplied input processed by the WebControl component, allowing arbitrary J...

Dreambox Plugin BouquetEditor - Cross-Site Scripting

Dreambox Plugin BouquetEditor - Cross-Site Scripting Exploit Title: Vulnerability XSS - Dreambox Shodan Dork: Dreambox 200 Date: 12/10/2017 Exploit Author: Thiago "THX" Sena Vendor Homepage: https://www.dreamboxupdate.com Version: 2.0.0 Tested on: kali linux, windows 7, 8.1, 10 CVE : CVE-2017-152...

Dreambox Plugin BouquetEditor - Cross-Site Scripting

Exploit Title: Vulnerability XSS - Dreambox Shodan Dork: Dreambox 200 Date: 12/10/2017 Exploit Author: Thiago "THX" Sena Vendor Homepage: https://www.dreamboxupdate.com Version: 2.0.0 Tested on: kali linux, windows 7, 8.1, 10 CVE : CVE-2017-15287 Vulnerabilty: Cross-site scripting XSS in plugin...