Dream-Multimedia-Tv: Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.
CVSS Score
4.3
EPSS Score
0.002
Published
2015-06-22
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVSS Score
5.0
EPSS Score
0.077
Published
2012-02-08
Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter.
CVSS Score
5.0
EPSS Score
0.097
Published
2012-02-08
Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter.
CVSS Score
5.0
EPSS Score
0.075
Published
2011-12-08