4 matches found
CVE-2025-60701
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub433188 function in prog.cgi stores user-supplied email configuration parameters EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, AccountName in NVRAM v...
CVE-2023-34277
D-Link DIR-2150 SetSysEmailSettings AccountName Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2150 routers. Although authentication is required to exploit this...
CVE-2019-16309
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName...
CVE-2019-16309
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName...