Lucene search
K

6 matches found

seebug.org
seebug.org
added 2018/04/28 12:0 a.m.49 views

AXIS Communications - Cross-Site Scripting / Content Injection(CVE-2015-8258)

Technical Details The variable "imagePath=" that is prone to XSS in a large range of products also can be used to resource injection intents. If inserted a URL in this variable will be made an GET request to this URL, so this an interesting point to request malicious codes from the attacker...

7.8CVSS7.4AI score0.08759EPSS
Exploits6
CVE
CVE
added 2017/04/10 3:0 a.m.62 views

CVE-2015-8258

CVE-2015-8258 affects AXIS Communications devices with firmware up to 5.80.x. The issue is a resource injection via the imagePath parameter in view.shtml, enabling XSS/Open Script Editor abuse to potentially cause a URL-based request to attacker-controlled content. The vulnerability arises from h...

7.8CVSS7.5AI score0.08759EPSS
Exploits6References1Affected Software1
0day.today
0day.today
added 2017/03/17 12:0 a.m.57 views

AXIS Communications XSS / Content Inclusion Vulnerabilities

Exploit for hardware platform in category web applications Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Improper Input Validation CWE-20 - CVE Name: CVE-2015-8258 -...

7.8CVSS7.5AI score0.08759EPSS
Exploits6
Packet Storm
Packet Storm
added 2017/03/17 12:0 a.m.73 views

AXIS Communications XSS / Content Inclusion

0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Improper Input Validation CWE-20 - CVE Name:...

0.08759EPSS
Exploits6
exploitpack
exploitpack
added 2017/03/17 12:0 a.m.69 views

AXIS Communications - Cross-Site Scripting Content Injection

AXIS Communications - Cross-Site Scripting Content Injection 0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs -...

7.8CVSS7.4AI score0.08759EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/03/17 12:0 a.m.72 views

AXIS Communications - Cross-Site Scripting / Content Injection

0RWELLL4BS security advisory olsa-2015-8258 PGP: 79A6CCC0 @orwelllabs Advisory Information ==================== - Title: ImagePath Resource Injection/Open script editor - Vendor: AXIS Communications - Research and Advisory: Orwelllabs - Class: Improper Input Validation CWE-20 - CVE Name:...

7.8CVSS7.8AI score0.08759EPSS
Exploits6
Rows per page
Query Builder