5 matches found
EUVD-2009-1555
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote attackers to inject arbitrary web script or HTML via the nextfile parameter to 1 main.cgi, 2 img/main.cgi, or 3 adm/file.cgi; or 4 the thisfile...
Directory traversal
Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. encoded dot dot or an absolute pathname in the nextfile parameter...
Design/Logic Flaw
img/main.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote authenticated users to read arbitrary files in img/ via a filename in the nextfile parameter, as demonstrated by reading .htpasswd to obtain the admin password, a different vulnerabili...
Linksys WVC54GCA 1.00R221.00R24 (Wireless-G) - Multiple Cross-Site Scripting Vulnerabilities
Linksys WVC54GCA 1.00R221.00R24 Wireless-G - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/34714/info Linksys WVC54GCA Wireless-G Internet Home Monitoring Camera is prone to multiple cross-site scripting vulnerabilities because the software fails to...