Vulnerabilities > Dream Multimedia TV
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-06-22 | CVE-2015-4714 | Cross-site Scripting vulnerability in Dream-Multimedia-Tv Dreambox Dm500-S Firmware Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body. | 4.3 |
2012-02-08 | CVE-2012-1025 | Path Traversal vulnerability in Dream-Multimedia-Tv Enigma2 Webinterface Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter. | 5.0 |
2012-02-08 | CVE-2012-1024 | Path Traversal vulnerability in Dream-Multimedia-Tv Enigma2 Webinterface 1.5 Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. | 5.0 |
2011-12-08 | CVE-2011-4716 | Path Traversal vulnerability in Dream-Multimedia-Tv products Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter. | 5.0 |