CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Web-Dorado: >> Web-Dorado Spider Video Player Security Vulnerabilities

CVE-2015-4352

Cross-site request forgery (CSRF) vulnerability in the Spider Video Player module for Drupal allows remote attackers to hijack the authentication of administrators for requests that delete videos via unspecified vectors.

CVSS Score

5.8

EPSS Score

0.001

Published

2015-06-15

CVE-2015-4351

The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL.

CVSS Score

4.9

EPSS Score

0.008

Published

2015-06-15

CVE-2014-8584

Cross-site scripting (XSS) vulnerability in the Web Dorado Spider Video Player (aka WordPress Video Player) plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

EPSS Score

0.004

Published

2014-11-04

Page 1

Vulnerabilities

Vulnerable Software

Web-Dorado: >> Web-Dorado Spider Video Player Security Vulnerabilities

Products

Pricing

Contact Us