Tecnovision Dlx Spot Player4 — known CVE vulnerabilities
Every CVE whose affected-product data names Tecnovision Dlx Spot Player4, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-12928 — CVSS 9.8 (critical): A hard-coded password of tecn0visi0n for the dlxuser account in TecnoVISION DLX Spot Player4 (all known versions) allows remote attackers…
CVE-2017-12930 — CVSS 9.8 (critical): SQL Injection in the admin interface in TecnoVISION DLX Spot Player4 version >1.5.10 allows remote unauthenticated users to access the web…
CVE-2017-12929 — CVSS 8.8 (high): Arbitrary File Upload in resource.php of TecnoVISION DLX Spot Player4 version >1.5.10 allows remote authenticated users to upload arbitrary…