32 matches found
EUVD-2014-8421
Malware in sbrugna...
EUVD-2015-4375
Malware in sbrugna...
EUVD-2015-4374
Malware in sbrugna...
CVE-2014-8584
Cross-site scripting XSS vulnerability in the Web Dorado Spider Video Player aka WordPress Video Player plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
WordPress Spider Video Player Plugin <= 2.1 - Reflected Cross Site Scripting
This plugin is prone to a cross site scripting vulnerability via "get" parameter. Solution Upgrade the plugin...
Wordpress Spider Video Player插件-settings.php文件-跨站脚本漏洞
No description provided by source...
CVE-2015-4352
Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...
Code injection
The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL...
CVE-2015-4352
Cross-site request forgery CSRF vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors...
CVE-2015-4352
The CVE-2015-4352 entry concerns the Drupal Spider Video Player module. Multiple sources confirm a CSRF vulnerability that can cause an administrator’s authenticated session to be used to delete videos via specially crafted requests (vectors not specified). Impact is limited to admin actions like...
CVE-2015-4351
CVE-2015-4351 affects the Drupal Spider Video Player module. Remote authenticated users with the access Spider Video Player administration permission could delete arbitrary files via a crafted URL. The issue stems from insufficient validation of delete requests (and related CSRF protections) in t...
Multiple vulnerabilities in Drupal Spider Video Player module
Drupal is a free, open-source content management system developed in the PHP language and maintained by the Drupal community. Arbitrary file deletion and cross-site request forgery vulnerabilities in the Drupal Spider Video Player module allow an attacker to exploit these vulnerabilities by...
SA-CONTRIB-2015-059 - Spider Video Player - Multiple vulnerabilities - Unsupported
Spider Video Player module enables you to add HTML5 and Flash videos to your site. The module doesn't sufficiently check user input when deleting files. A malicious user could delete arbitrary files by making a request to a specially-crafted URL. This vulnerability is mitigated by the fact that t...
WordPress Web Dorado Spider Video Player XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...
CVE-2014-8584
Cross-site scripting XSS vulnerability in the Web Dorado Spider Video Player aka WordPress Video Player plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Dorado Spider Video Player aka WordPress Video Player plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
WordPress Spider Video Player Plugin <= 1.5.1 - XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via unspecified vectors. Solution Update the plugin...
joomla spider video, 2.8.3, sqli
joomla spider video, 2.8.3, SQL Injection UpdateNoticeURL http://web-dorado.com/products/joomla-player.html...
Joomla! Spider Video Player Component <= 2.8.3 SQLi Vulnerability - Active Check
Joomla! Spider video player Component is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...