44 matches found
CVE-2019-17525
CVE-2019-17525 concerns the login page of the D-Link DIR-615 T1 with firmware 20.10, where an issue allows remote attackers to bypass CAPTCHA protection and perform brute-force login attempts. The connected sources confirm a CAPTCHA bypass vulnerability on DIR-615 T1 20.10, enabling credential br...
CVE-2017-17525
guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17525
guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-17525
CVE-2017-17525 affects guiclient/guiclient.cpp in xTuple PostBooks 4.7.0, where the BROWSER environment variable is used without validating the launched program’s arguments. This can enable remote argument-injection via a crafted URL. Public records consistently describe the issue and its impact,...