Vulnerabilities (CVE)

Filtered by vendor Getmiro Subscribe
Filtered by product Broadcast Machine
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6287 1 Getmiro 1 Broadcast Machine 2024-11-21 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in Broadcast Machine 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the baseDir parameter to (1) MySQLController.php, (2) SQLController.php, (3) SetupController.php, (4) VideoController.php, and (5) ViewController.php in controllers/.
CVE-2007-3694 1 Getmiro 1 Broadcast Machine 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in login.php in Miro Project Broadcast Machine 0.9.9.9 allows remote attackers to inject arbitrary web script or HTML via the username parameter.