7 matches found
Compro Technology IP Camera - ' index_MJpeg.cgi' Stream Disclosure
Exploit Title: Compro Technology IP Camera - ' indexMJpeg.cgi' Stream Disclosure Date: 2021-09-30 Exploit Author: icekam,xiao13,Rainbow,tfsec Software Link: http://www.comprotech.com.hk/ Version: Compro IP70 2.087130218, IP570 2.087130520, IP60, TN540 CVE : CVE-2021-40381 Has an unauthorized acce...
CVE-2021-29313
Cross Site Scripting XSS vulnerability exists in SeaCMS 12.6 via the 1 vcompany and 2 vtvs parameters in /adminvideo.php,...
wei.merdeka.com XSS vulnerability
Vulnerable URL: http://wei.merdeka.com/play-video?=Arrayprompt/OPENBUGBOUNTY/...
SQL injection vulnerability in BlogManage/Video/MyVideo.aspx page of Shanghai Hongyu Information Technology Co.
ECS ECS education site system is a general-purpose CMS program developed by Shanghai Hongyu Information Technology Co., Ltd. for schools, education and other site-building system. ECS BlogManage/Video/MyVideo.aspx page has a SQL injection vulnerability, which can be exploited to obtain sensitive...
rtl.de XSS vulnerability
Vulnerable URL: http://www.rtl.de/videos/die-einen-sind-heiss-wie-frittenfett-die-anderen-haben-angst-412505.html?'alert'XSSPOSED'...
wsj.com XSS vulnerability
Vulnerable URL: http://www.wsj.com/video/gray-wolves-return-to-california/43C61BB9-427C-4F8C-AE9C-95BE9A053FF8.html?mod="...
Social Engine 4 Cross Site Scripting
===================================================== Social Engine 4 Persistent XSS & Non-Persistent XSS ===================================================== :----------------------------------------------------------------------------------------------------------------------------------------...