CVE-2019-25240

Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication...

CVE-2019-25240 Rifatron 5brid DVR 5brid DVR (HD6-532/516, DX6-516/508/504, MX6-516/508/504, EH6-504) Unauthenticated Live Stream Disclosure via animate.cgi

Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication...

CVE-2019-25240 Rifatron 5brid DVR 5brid DVR (HD6-532/516, DX6-516/508/504, MX6-516/508/504, EH6-504) Unauthenticated Live Stream Disclosure via animate.cgi

Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that allows unauthorized access to live video streams. Attackers can exploit the Mobile Web Viewer module by specifying channel numbers to retrieve sequential video snapshots without authentication...

CVE-2019-25240

Rifatron 5brid DVR suffers an unauthenticated vulnerability in the animate.cgi script that enables unauthorized access to live video streams via the Mobile Web Viewer by specifying channel numbers. Affected versions include HD6-532/516, DX6-516/508/504, MX6-516/508/504, EH6-504. Root cause is the...

CVE-2021-47719 CNC_Ctrl DllUnregisterServer f5501 Access Violation

COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in CommaxWebViewer.ocx to cause buffer overflow condition...

CVE-2018-25124

PacsOne Server version 6.6.2 prior versions are likely affected contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path'...

CVE-2018-25124

PacsOne Server 6.6.2 (and likely earlier) contains a directory traversal (local file inclusion) flaw in the web-based DICOM viewer. The vulnerability allows unauthenticated remote attackers to read arbitrary files via the nocache.php endpoint with a crafted path parameter. Exploitation evidence w...

CVE-2018-25124 PacsOne Server 6.6.2 DICOM Web Viewer Directory Traversal LFI

PacsOne Server version 6.6.2 prior versions are likely affected contains a directory traversal vulnerability within the web-based DICOM viewer component. Successful exploitation allows a remote unauthenticated attacker to read arbitrary files via the 'nocache.php' endpoint with a crafted 'path'...

EUVD-2013-3520

Malware in sbrugna...

EUVD-2015-8168

Malware in sbrugna...

EUVD-2021-19414

Malware in sbrugna...

EUVD-2015-8169

Malware in sbrugna...

EUVD-2018-3708

Malware in sbrugna...

EUVD-2024-26730

Malicious code in bioql PyPI...

CVE-2021-32572

Speco Web Viewer through 2021-05-12 allows Directory Traversal via GET request for a URI with /.. at the beginning, as demonstrated by reading the /etc/passwd file...

CVE-2013-3585

Samsung Web Viewer for Samsung DVR devices stores credentials in cleartext, which allows context-dependent attackers to obtain sensitive information via vectors involving 1 direct access to a file or 2 the user-setup web page...

CVE-2013-3586

Samsung Web Viewer for Samsung DVR devices allows remote attackers to bypass authentication via an arbitrary SessionID value in a cookie...

CVE-2025-1888

The Leica Web Viewer within the Aperio Eslide Manager Application is vulnerable to reflected cross-site scripting XSS. An authenticated user can access the slides within a project and injecting malicious JavaScript into the "memo" field. The memo field has a hover over action that will display a...

Hanwha Vision Web Viewer Cross-site Scripting (CVE-2018-11689)

Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer for Samsung DVR are vulnerable to XSS via the /cgi- bin/webviewerloginpage data3 parameter. The same Web Viewer codebase was transitioned from Samsung to Hanwha. This plugin only works with Tenable.ot. Please visit...

CVE-2024-29732 SQL Injection vulnerability on SCAN_VISIO eDocument Suite Web Viewer from Abast

A SQL Injection has been found on SCANVISIO eDocument Suite Web Viewer of Abast. This vulnerability allows an unauthenticated user to retrieve, update and delete all the information of database. This vulnerability was found on login page via "user" parameter...