Vulnerabilities > Hdwplayer

DATE CVE VULNERABILITY TITLE RISK
2023-12-15 CVE-2023-49178 Cross-site Scripting vulnerability in Hdwplayer HDW Player
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mr.
network
low complexity
hdwplayer CWE-79
6.1
2014-08-06 CVE-2014-5180 SQL Injection vulnerability in Hdwplayer Hdw-Player-Video-Player-Video-Gallery 2.4.2
SQL injection vulnerability in the videos page in the HDW Player Plugin (hdw-player-video-player-video-gallery) 2.4.2 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the id parameter in the edit action to wp-admin/admin.php.
network
low complexity
hdwplayer CWE-89
6.5