Lucene search
K

4 matches found

Drupal
Drupal
added 2014/06/18 12:0 a.m.28 views

SA-CONTRIB-2014-061 - VideoWhisper Webcam Plugins - Cross Site Scripting (XSS) - Unsupported

Includes multiple modules for video communications including room listing, pay per view access control. The module doesn't sufficiently filter user supplied text from the url reflected cross site scripting. No special permissions are required to exploit this issue. There are no mitigating factors...

4.3CVSS6.5AI score0.01158EPSS
Exploits1References10
securityvulns
securityvulns
added 2014/05/04 12:0 a.m.84 views

[CVE-2014-2715] Cross-site scripting (XSS) vulnerability in Videowhisper

Vulnerability title: Cross-site scripting XSS vulnerability in Videowhisper CVE: CVE-2014-2715 Vendor: VideoWhisper Product: Videowhisper module for Drupal 7 Affected version: 7 Fixed version: Reported by: Mahmoud Ghorbanzadeh Details: Hello, I found Cross-site scripting XSS vulnerability in the...

4.3CVSS2.9AI score0.01158EPSS
Exploits1
CVE
CVE
added 2014/04/28 2:0 p.m.51 views

CVE-2014-2715

VideoWhisper Webcam Plugins (Drupal 7.x) are affected by CVE-2014-2715 due to cross-site scripting in vwrooms/templates/logout.tpl.php. The vulnerability allows injecting arbitrary script via the module or message parameters in index.php, caused by reflected user input. Impact is XSS; exploit det...

4.3CVSS5.8AI score0.01158EPSS
Exploits1References3Affected Software1
Packet Storm
Packet Storm
added 2014/04/25 12:0 a.m.64 views

VideoWhisper 7 Cross Site Scripting

Vulnerability title: Cross-site scripting XSS vulnerability in Videowhisper CVE: CVE-2014-2715 Vendor: VideoWhisper Product: Videowhisper module for Drupal 7 Affected version: 7 Fixed version: Reported by: Mahmoud Ghorbanzadeh Details: Hello, I found Cross-site scripting XSS vulnerability in the...

4.3CVSS0.6AI score0.01158EPSS
Exploits1
Rows per page
Query Builder