235 matches found
CVE-2024-52055 Application Copy Path Traversal in Wowza Streaming Engine
Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file...
CVE-2024-52055 Application Copy Path Traversal in Wowza Streaming Engine
Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file...
CVE-2024-52055
The CVE-2024-52055 vulnerability affects Wowza Streaming Engine Manager (the Manager web app) and is a path traversal issue in versions prior to 4.9.1. An administrator user can read arbitrary files on the server if the target directory contains an XML definition file, due to insufficient restric...
CVE-2024-52054 Application Creation Path Traversal in Wowza Streaming Engine
Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system...
CVE-2024-52054 Application Creation Path Traversal in Wowza Streaming Engine
Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system...
CVE-2024-52054
Wowza Streaming Engine Manager in affected versions prior to 4.9.1 is vulnerable to a path traversal flaw that lets an administrator create an XML definition file anywhere on the file system due to insufficient directory path restrictions. Affected product: Wowza Streaming Engine (Manager compone...
CVE-2024-52053 Stored Cross-Site Scripting in Wowza Streaming Engine
Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts...
CVE-2024-52053
CVE-2024-52053 affects Wowza Streaming Engine Manager prior to version 4.9.1, where an unauthenticated stored cross-site scripting (XSS) vulnerability in the Manager web dashboard can inject client-side JavaScript and enable hijacking of admin accounts. Technical details across connected sources ...
CVE-2024-52053 Stored Cross-Site Scripting in Wowza Streaming Engine
Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts...
CVE-2024-52052
CVE-2024-52052 affects Wowza Streaming Engine prior to 4.9.1, with the vulnerability rooted in insufficient input validation in the Manager web dashboard. An authenticated Streaming Engine Manager administrator can define a custom application property and poison a stream target, enabling high-pri...
CVE-2024-52052 Stream Target Remote Code Execution in Wowza Streaming Engine
Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution...
CVE-2024-52052 Stream Target Remote Code Execution in Wowza Streaming Engine
Wowza Streaming Engine below 4.9.1 permits an authenticated Streaming Engine Manager administrator to define a custom application property and poison a stream target for high-privilege remote code execution...
Wowza Media Systems Wowza Streaming Engine 路径遍历漏洞
Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and extensible media server software from Wowza Media Systems, USA. It is used to reliably stream high-quality video and audio to any device, anywhere. A path traversal vulnerability exists in Wowza Media Systems Wowza Streami...
Wowza Media Systems Wowza Streaming Engine 安全漏洞
Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and extensible media server software from Wowza Media Systems, USA. It is used to reliably stream high-quality video and audio to any device, anywhere. A security vulnerability exists in Wowza Media Systems Wowza Streaming...
Wowza Media Systems Wowza Streaming Engine 路径遍历漏洞
Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and scalable media server software from Wowza Media Systems, Inc. It is used to reliably stream high-quality video and audio to any device, anywhere. A path traversal vulnerability exists in Wowza Media Systems Wowza Streaming...
Wowza Media Systems Wowza Streaming Engine 路径遍历漏洞
Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and scalable media server software from Wowza Media Systems, Inc. It is used to reliably stream high-quality video and audio to any device, anywhere. A path traversal vulnerability exists in Wowza Media Systems Wowza Streaming...
Wowza Media Systems Wowza Streaming Engine 跨站脚本漏洞
Wowza Media Systems Wowza Streaming Engine is a powerful, customizable and extensible media server software from Wowza Media Systems, USA. It is used to reliably stream high-quality video and audio to any device, anywhere. A cross-site scripting vulnerability exists in Wowza Media Systems Wowza...
Multiple Vulnerabilities in Wowza Streaming Engine (Fixed)
Wowza Streaming Engine below v4.9.1 is vulnerable to multiple vulnerabilities on Linux and Windows. An unauthenticated attacker can poison the Wowza Streaming Engine Manager web dashboard with a stored cross-site scripting “XSS” payload. When an administrator views the poisoned dashboard,...
Multiple Vulnerabilities in Wowza Streaming Engine (Fixed)
Wowza Streaming Engine below v4.9.1 is vulnerable to multiple vulnerabilities on Linux and Windows. An unauthenticated attacker can poison the Wowza Streaming Engine Manager web dashboard with a stored cross-site scripting “XSS” payload. When an administrator views the poisoned dashboard,...
PT-2024-8650 · Wowza · Wowza Streaming Engine
Name of the Vulnerable Software and Affected Versions: Wowza Streaming Engine versions prior to 4.9.1 Description: The issue is related to Stored Cross-Site Scripting in the Manager component, which allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard. This c...