Directory traversal vulnerability in ComGetLogFile.php3 for TrackerCam 5.12 and earlier allows remote attackers to read arbitrary files via ".." sequences and (1) "/" slash), (2) "" (backslash), or (3) hex-encoded characters in the fn...
6.8AI Score
0.06EPSS
Cross-site scripting (XSS) vulnerability in TrackerCam 5.12 and earlier allows remote attackers to inject arbitrary HTML or web script via the login request, which is recorded in a log file but not properly handled when the administrator views the log...
5.7AI Score
0.005EPSS
TrackerCam 5.12 and earlier allows remote attackers to read log files via the fn parameter in a direct request to the ComGetLogFile.php3...
6.6AI Score
0.011EPSS
TrackerCam 5.12 and earlier allows remote attackers to cause a denial of service (crash) via (1) a large number of connections with a negative Content-Length header, possibly triggering an integer signedness error, or (2) a large amount of...
6.9AI Score
0.011EPSS
Multiple buffer overflows in TrackerCam 5.12 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP request with a long User-Agent header or (2) a long argument to an arbitrary PHP...
8.1AI Score
0.26EPSS