Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allow remote malicious users to inject arbitrary web script or HTML via the next_file parameter to (1) main.cgi, (2) img/main.cgi, or (3) adm/file.cgi; or (4) the this_file parameter to adm/file.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco wvc54gca 1.00r24 |
||
cisco wvc54gca 1.00r22 |