Vulnerabilities > Vivotek > Camera > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-03 CVE-2018-18244 Cross-site Scripting vulnerability in Vivotek Camera
Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.
network
low complexity
vivotek CWE-79
6.1
2019-01-03 CVE-2018-18005 Cross-site Scripting vulnerability in Vivotek Camera
Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.
network
low complexity
vivotek CWE-79
6.1
2019-01-03 CVE-2018-18004 Missing Authorization vulnerability in Vivotek Camera
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.
network
low complexity
vivotek CWE-862
5.3