CVE-2007-2239

The CVE-2007-2239 entry describes a stack-based buffer overflow in the SaveBMP method of AxisCamControl.ocx (Axis Camera Control, CamImage ActiveX) affecting AXIS 2100/2110/2120/2130 PTZ, 2420/2420-IR, 2400/2400+, 2401/2401+, 2411, and Panorama PTZ. Root cause: a overflow in SaveBMP handles long ...

JVN#06735665 Canon Network Camera Server VB100 Series vulnerable to cross-site scripting

Impact An arbitrary script may be executed in the camera server management screen. Solution Products Affected VB100 and VB101 firmware Ver. 3.0 Rev.69 and earlier VB150 firmware Ver. 1.1 Rev.39 and earlier...

MDKA-2006:016 : libgphoto

A bug was discovered with libgphoto which was preventing the removal of icons on the desktop in GNOME or in the Devices window in KDE when a digital camera was unplugged. Updated packages have been patched to correct the issue. %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated as...

CVE-2006-6246

Photo Organizer 2.32b and earlier does not properly check the ownership of certain objects, which allows remote attackers to gain unauthorized access via vectors related to 1 camera del, 2 camera edit, 3 folder/album deletion, 4 photo.move, 5 content.indexer, 6 folder.content, and possibly other...

CVE-2006-3603

Cross-site scripting XSS vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2006-3604

Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for 1 admin/aindex.asp or 2 admin/aindex.html via a .. dot dot and encoded / %2f sequence in the URL...

CVE-2006-3603

Cross-site scripting XSS vulnerability in index.php in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the URL...

CVE-2006-3604

Directory traversal vulnerability in FlexWATCH Network Camera 3.0 and earlier allows remote attackers to bypass access restrictions for 1 admin/aindex.asp or 2 admin/aindex.html via a .. dot dot and encoded / %2f sequence in the URL...

CVE-2006-3604

The CVE-2006-3604 entry corresponds to a directory traversal vulnerability in FlexWATCH Network Camera, affecting version 3.0 and earlier. The flaw allows remote attackers to bypass access restrictions for admin pages (admin/aindex.asp and admin/aindex.html) by crafting a URL containing a .. (dot...

CVE-2006-3603

FlexWATCH Network Camera (versions 3.0 and earlier) contains a cross-site scripting (XSS) flaw in index.php that allows remote attackers to inject arbitrary web script or HTML via the URL. The CVE-2006-3603 entry documents this vulnerability with a MEDIUM severity (CVSS v2: AV:N/AC:M/Au:N/C:P/I:P...

PT-2006-4478 · Flexwatch · Flexwatch Network Camera

Name of the Vulnerable Software and Affected Versions: FlexWATCH Network Camera versions 3.0 and earlier Description: The issue is related to a cross-site scripting XSS vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the URL. Recommendations: F...

PT-2006-4479 · Flexwatch · Flexwatch Network Camera

Name of the Vulnerable Software and Affected Versions: FlexWATCH Network Camera versions 3.0 and earlier Description: A directory traversal issue allows remote attackers to bypass access restrictions for sensitive pages, such as "admin/aindex.asp" or "admin/aindex.html", by using a ".." dot dot a...

FlexWATCH 3.0 - AIndex.asp Authentication Bypass

FlexWATCH 3.0 - AIndex.asp Authentication Bypass source: https://www.securityfocus.com/bid/18948/info FlexWatch is prone to an authorization-bypass vulnerability. This issue is due to a failure in the application to properly verify user-supplied input. An attacker can exploit this issue to bypass...

FlexWATCH Network Camera - Cross-Site Scripting

FlexWATCH Network Camera - Cross-Site Scripting source: https://www.securityfocus.com/bid/18936/info FlexWATCH Network Camera is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this...

obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - help Script Cross-Site Scripting

obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - help Script Cross-Site Scripting source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-supplied input...

obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - events.tar?source_ip Cross-Site Scripting

obotix IP Camera M1 1.9.4 .7M10 2.0.5.2 - events.tar?sourceip Cross-Site Scripting source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-suppli...

obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - 'events.tar?source_ip' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - help Script Cross-Site Scripting

source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

obotix IP Camera M1 1.9.4 .7/M10 2.0.5.2 - 'eventplayer?get_image_info_abspath' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18022/info The Mobotix IP camera is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the device to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script code...

Linksys Wireless Internet Camera File Disclosure

The Linksys Wireless Internet Camera contains a CGI that allows remote attackers to disclosue sensitive files stored on the server. An attacker may use this CGI to disclosue the password file and from it the password used by the root use the MD5 value. OpenVAS Vulnerability Test $Id:...