VYPR
Vendor

Dream Multimedia Tv

Products
6
CVEs
5
Across products
7
Status
Private

Products

6

Recent CVEs

5
  • CVE-2017-15287MedOct 12, 2017
    risk 0.43cvss 6.1epss 0.06

    There is XSS in the BouquetEditor WebPlugin for Dream Multimedia Dreambox devices, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI.

  • CVE-2012-1025Feb 8, 2012
    risk 0.03cvss epss 0.06

    Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter.

  • CVE-2012-1024Feb 8, 2012
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

  • CVE-2011-4716Dec 8, 2011
    risk 0.03cvss epss 0.04

    Directory traversal vulnerability in file in DreamBox DM800 1.6rc3, 1.5rc1, and earlier allows remote attackers to read arbitrary files via the file parameter.

  • CVE-2015-4714Jun 22, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.