Emotion Mediapartner Web Server : Security vulnerabilities, CVEs

Copy

CVE-2005-0336

Cross-site scripting (XSS) vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to inject arbitrary HTML or web script, as demonstrated using a URL containing .. sequences and HTML, which results in a directory browsing page that does not properly filter the HTML.

Max CVSS

4.3

EPSS Score

0.68%

Published

2005-05-02

Updated

2017-07-11

CVE-2005-0335

Directory traversal vulnerability in EMotion MediaPartner Web Server 5.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

Max CVSS

5.0

EPSS Score

0.54%

Published

2005-05-02

Updated

2017-07-11

CVE-2005-0286

eMotion MediaPartner Web Server 5.0 and 5.1 allows remote attackers to obtain sensitive information via an HTTP request for a .bhtml file that contains a (1) . (dot) or (2) + (plus sign) at the end, which returns the source code for that file.

Max CVSS

5.0

EPSS Score

0.82%

Published

2005-05-02

Updated

2017-07-11

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!