Vulnerabilities (CVE)

Filtered by vendor Astrocam Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-2075 1 Astrocam 1 Astrocam 2024-02-04 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in pic.php in AstroCam 2.5.0 through 2.7.3 allows remote attackers to inject arbitrary web script or HTML via the picfile parameter.
CVE-2007-1426 1 Astrocam 1 Astrocam 2024-02-04 7.8 HIGH N/A
The web interface in AstroCam 2.0.0 through 2.6.5 allows remote attackers to cause a denial of service (daemon shutdown) via requests that contain a large amount of data in the "a" variable, which "fills up the message queue."
CVE-2002-1874 1 Astrocam 1 Astrocam 2024-02-04 10.0 HIGH N/A
astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request. NOTE: earlier disclosures stated that the affected versions were 1.7.1 through 2.1.2, but the vendor explicitly stated that these were incorrect.