Lucene search
+L

6 matches found

nvd
nvd
added 2020/01/31 10:15 p.m.19 views

CVE-2014-8338

Cross-site scripting XSS vulnerability in vwrooms/js/jsor-jcarousel/examples/specialtextscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote attackers to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter...

6.1CVSS6AI score0.01276EPSS
Exploits2References2
prion
prion
added 2020/01/31 10:15 p.m.21 views

Cross site scripting

Cross-site scripting XSS vulnerability in vwrooms/js/jsor-jcarousel/examples/specialtextscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote attackers to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter...

4.3CVSS6.1AI score0.01276EPSS
Exploits2References2Affected Software1
cvelist
cvelist
added 2020/01/31 9:49 p.m.23 views

CVE-2014-8338

Cross-site scripting XSS vulnerability in vwrooms/js/jsor-jcarousel/examples/specialtextscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote attackers to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter...

6AI score0.01276EPSS
Exploits2References2
drupal
drupal
added 2014/06/18 12:0 a.m.28 views

SA-CONTRIB-2014-061 - VideoWhisper Webcam Plugins - Cross Site Scripting (XSS) - Unsupported

Includes multiple modules for video communications including room listing, pay per view access control. The module doesn't sufficiently filter user supplied text from the url reflected cross site scripting. No special permissions are required to exploit this issue. There are no mitigating factors...

4.3CVSS6.5AI score0.01158EPSS
Exploits1References10
nvd
nvd
added 2014/04/28 2:9 p.m.20 views

CVE-2014-2715

Multiple cross-site scripting XSS vulnerabilities in vwrooms\templates\logout.tpl.php in the VideoWhisper Webcam plugins for Drupal 7.x allow remote attackers to inject arbitrary web script or HTML via the 1 module or 2 message parameter to index.php...

4.3CVSS5.8AI score0.01158EPSS
Exploits1References3
cvelist
cvelist
added 2014/04/28 2:0 p.m.29 views

CVE-2014-2715

Multiple cross-site scripting XSS vulnerabilities in vwrooms\templates\logout.tpl.php in the VideoWhisper Webcam plugins for Drupal 7.x allow remote attackers to inject arbitrary web script or HTML via the 1 module or 2 message parameter to index.php...

5.8AI score0.01158EPSS
Exploits1References3
Rows per page
Query Builder