Lucene search
K

32 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8421

Malware in sbrugna...

4.3CVSS6.2AI score0.0164EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-4375

Malware in sbrugna...

5.8CVSS6.4AI score0.00649EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-4374

Malware in sbrugna...

4.9CVSS6.4AI score0.01076EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 1:11 a.m.7 views

CVE-2014-8584

Cross-site scripting XSS vulnerability in the Web Dorado Spider Video Player aka WordPress Video Player plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.0164EPSS
Exploits0References1
Patchstack
Patchstack
added 2016/07/20 12:0 a.m.6 views

WordPress Spider Video Player Plugin <= 2.1 - Reflected Cross Site Scripting

This plugin is prone to a cross site scripting vulnerability via "get" parameter. Solution Upgrade the plugin...

2.7AI score
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2016/04/11 12:0 a.m.18 views

Wordpress Spider Video Player插件-settings.php文件-跨站脚本漏洞

No description provided by source...

7.1AI score
Exploits0
NVD
NVD
added 2015/06/15 2:59 p.m.12 views

CVE-2015-4352

Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...

5.8CVSS7.1AI score0.00649EPSS
Exploits0References3
Prion
Prion
added 2015/06/15 2:59 p.m.13 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...

5.8CVSS7.6AI score0.00649EPSS
Exploits0References3
Prion
Prion
added 2015/06/15 2:59 p.m.13 views

Code injection

The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL...

4.9CVSS6.8AI score0.01076EPSS
Exploits0References3
Cvelist
Cvelist
added 2015/06/15 2:0 p.m.22 views

CVE-2015-4352

Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...

7.1AI score0.00649EPSS
Exploits0References3
CVE
CVE
added 2015/06/15 2:0 p.m.47 views

CVE-2015-4352

The CVE-2015-4352 entry concerns the Drupal Spider Video Player module. Multiple sources confirm a CSRF vulnerability that can cause an administrator’s authenticated session to be used to delete videos via specially crafted requests (vectors not specified). Impact is limited to admin actions like...

5.8CVSS7.3AI score0.00649EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2015/06/15 2:0 p.m.48 views

CVE-2015-4351

CVE-2015-4351 affects the Drupal Spider Video Player module. Remote authenticated users with the access Spider Video Player administration permission could delete arbitrary files via a crafted URL. The issue stems from insufficient validation of delete requests (and related CSRF protections) in t...

4.9CVSS6.5AI score0.01076EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2015/02/28 12:0 a.m.4 views

Multiple vulnerabilities in Drupal Spider Video Player module

Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. Arbitrary file deletion and cross-site request forgery vulnerabilities in the Drupal Spider Video Player module allow an attacker to exploit these vulnerabilities by...

5.8CVSS7.3AI score0.01076EPSS
Exploits0References1
Drupal
Drupal
added 2015/02/25 12:0 a.m.18 views

SA-CONTRIB-2015-059 - Spider Video Player - Multiple vulnerabilities - Unsupported

Spider Video Player module enables you to add HTML5 and Flash videos to your site. The module doesn't sufficiently check user input when deleting files. A malicious user could delete arbitrary files by making a request to a specially-crafted URL. This vulnerability is mitigated by the fact that t...

5.8CVSS6.3AI score0.01076EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2014/11/07 12:0 a.m.19 views

WordPress Web Dorado Spider Video Player XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

4.3CVSS6.7AI score0.0164EPSS
Exploits0References1
NVD
NVD
added 2014/11/04 3:55 p.m.19 views

CVE-2014-8584

Cross-site scripting XSS vulnerability in the Web Dorado Spider Video Player aka WordPress Video Player plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.0164EPSS
Exploits0References1
Prion
Prion
added 2014/11/04 3:55 p.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Web Dorado Spider Video Player aka WordPress Video Player plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.0164EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2014/11/04 12:0 a.m.30 views

WordPress Spider Video Player Plugin <= 1.5.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via unspecified vectors. Solution Update the plugin...

4.3CVSS3AI score0.0164EPSS
Exploits0References1Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2014/08/29 7:27 a.m.21 views

joomla spider video, 2.8.3, sqli

joomla spider video, 2.8.3, SQL Injection UpdateNoticeURL http://web-dorado.com/products/joomla-player.html...

1.2AI score
Exploits0
OpenVAS
OpenVAS
added 2014/08/27 12:0 a.m.17 views

Joomla! Spider Video Player Component <= 2.8.3 SQLi Vulnerability - Active Check

Joomla! Spider video player Component is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.6AI score
Exploits0References1
Rows per page
Query Builder