3 results (0.002 seconds)

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

A vulnerability has been found in Tektronix Sentry 6.0.9 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /?page=reports of the component Reports Page. The manipulation of the argument z leads to cross site scripting. The attack can be launched remotely. • https://vuldb.com/?ctiid.281551 https://vuldb.com/?id.281551 https://vuldb.com/?submit.423695 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page). Telestream Tektronix Medius versiones anteriores a 10.7.5 y Sentry versiones anteriores a 10.7.5, presentan una vulnerabilidad de inyección SQL que permite a un atacante no autenticado volcar el contenido de la base de datos por medio del parámetro page en una petición page=login hacia el archivo index.php (también se conoce como la página de inicio de sesión del servidor) • https://github.com/google/security-research/security/advisories/GHSA-g69r-8jwh-2462 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 10.0EPSS: 90%CPEs: 1EXPL: 3

Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 allows remote attackers to execute arbitrary code via a crafted ASF_File_Properties_Object size field in a WMV file, which triggers memory corruption. Telestream Flip4Mac Windows Media Components para Quicktime 2.1.0.33 permite a atacantes remotos ejecutar código de su elección mediante un campo ASF_File_Properties_Object artesanal en un fichero WMV, lo cual provoca una corrupción de memoria. • https://www.exploit-db.com/exploits/29535 http://projects.info-pull.com/moab/MOAB-27-01-2007.html http://secunia.com/advisories/23958 http://www.osvdb.org/32697 http://www.securityfocus.com/bid/22286 http://www.vupen.com/english/advisories/2007/0389 •