RSS   Vulnerabilities for 'Astrocam'   RSS

2008-05-05
 
CVE-2008-2075

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in pic.php in AstroCam 2.5.0 through 2.7.3 allows remote attackers to inject arbitrary web script or HTML via the picfile parameter.

 
2007-03-12
 
CVE-2007-1426

CWE-20
 

 
The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of service (daemon shutdown) via requests that contain a large amount of data in the "a" variable, which "fills up the message queue."

 
2002-12-31
 
CVE-2002-1874

 

 
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.

 


Copyright 2017, cxsecurity.com

 

Back to Top