Vulnerabilities (CVE)

Filtered by vendor Dream-multimedia-tv Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4714 1 Dream-multimedia-tv 2 Dreambox Dm500-s, Dreambox Dm500-s Firmware 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.
CVE-2012-1025 1 Dream-multimedia-tv 1 Enigma2 Webinterface 2024-11-21 5.0 MEDIUM N/A
Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter.
CVE-2012-1024 1 Dream-multimedia-tv 1 Enigma2 Webinterface 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
CVE-2011-4716 1 Dream-multimedia-tv 4 Dreambox Dm800 Hd Pvr, Dreambox Dm800 Hd Pvr Firmware, Dreambox Dm800 Hd Se and 1 more 2024-11-21 5.0 MEDIUM N/A
Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter.