QwikSec

Security Database

CVE

CWE

Training

CVE-2021-47729

Published: Dec 9, 2025

Modified: Apr 7, 2026

PUBLISHED

Description

Selea Targa IP OCR-ANPR Camera contains a stored cross-site scripting vulnerability in the 'files_list' parameter that allows attackers to inject malicious HTML and script code. Attackers can send a POST request to /cgi-bin/get_file.php with crafted payload to execute arbitrary scripts in victim's browser session.

Vendor	Product	Versions
selea s.r.l.	Selea Targa IP OCR-ANPR Camera	affected `Model: iZero` affected `Firmware: BLD201113005214` affected `CPS: 4.013(201105)`

Weaknesses (CWE)

References

ExploitDB-49454

exploit

Selea s.r.l. Product Homepage

product

Zero Science Lab Disclosure (ZSL-2021-5614)

third-party-advisory

Selea Targa IP OCR-ANPR Camera Product Page

product

VulnCheck Advisory: Selea Targa IP Camera Stored Cross-Site Scripting via Files List

third-party-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.