Lucene search
K

49 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:25 a.m.8 views

CVE-2023-4542

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

9.8CVSS7.5AI score0.86533EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-44297

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0612EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-57489

Malicious code in bioql PyPI...

8.8CVSS7AI score0.81451EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-57491

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01675EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 4:30 a.m.8 views

CVE-2023-5153

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS7.3AI score0.01675EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:42 a.m.8 views

CVE-2023-5151

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical was found in D-Link DAR-8000 up to 20151231. Affected by this vulnerability is an unknown functionality of the file /autheditpwd.php. The manipulation of the argument hidid leads to sql injection. The attack can be launched remotely...

8.8CVSS7.4AI score0.81451EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/05/22 12:0 a.m.6 views

The vulnerability in the script interface/sysmanage/licenseauthorization.php of the D-Link DAR-7000 and DAR-8000 router microsystems allows a hacker to execute arbitrary code.

The vulnerability in the interface/sysmanage/licenseauthorization.php script of the D-Link DAR-7000 and DAR-8000 router microsystems lies in the ability to download files of a malicious nature without limitation. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

6.5CVSS7AI score0.02311EPSS
Exploits0References6Affected Software2
Positive Technologies
Positive Technologies
added 2024/05/15 12:0 a.m.4 views

PT-2024-3696 · D Link · D-Link Dar-7000-40 +2

Name of the Vulnerable Software and Affected Versions: D-Link DAR-7000-40 version V31R02B1413C D-Link DAR-7000 affected versions not specified D-Link DAR-8000 affected versions not specified Description: A critical issue affects an unknown part of the file /url/url.php, allowing for unrestricted...

9.8CVSS6.8AI score0.03001EPSS
Exploits0References9
OSV
OSV
added 2024/05/14 3:44 p.m.4 views

CVE-2024-4699

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

9.8CVSS6.2AI score0.0612EPSS
Exploits1References5
NVD
NVD
added 2024/05/14 3:44 p.m.20 views

CVE-2024-4699

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230922. This issue affects some unknown processing of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. The attack may be initiated...

9.8CVSS6.5AI score0.0612EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.5 views

D-Link DAR-8000 代码问题漏洞

DAR-8000-10 is the Internet Behavior Audit Gateway from China AUO D-Link. AUO DAR-8000-10 20230922 and earlier versions have a deserialization vulnerability that originates from the unsafe deserialization of the parameter sql of the file /importhtml.php when receiving serialized data submitted by...

9.8CVSS7.5AI score0.0612EPSS
Exploits1References7
CVE
CVE
added 2024/05/10 12:31 a.m.39 views

CVE-2024-4699

Summary (CVE-2024-4699): D-Link DAR-8000-10 (up to 20230922) is affected by a deserialization vulnerability in the /importhtml.php endpoint. The issue arises from manipulating the sql parameter, enabling remote code execution through unsafe deserialization. This vulnerability is documented across...

9.8CVSS6.9AI score0.0612EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.7 views

The vulnerability in the importexport.php script of the D-Link DAR-8000 router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the importexport.php script in the D-Link DAR-8000 router microprogramming system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

6.5CVSS7AI score0.06994EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.6 views

The vulnerability of the /autheditpwd.php script in the D-Link DAR-8000 router microprogramming system, allowing a hacker to execute arbitrary commands.

The vulnerability of the /autheditpwd.php script in the D-Link DAR-8000 router microprogramming system is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

6.5CVSS7.3AI score0.81451EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.6 views

The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability in the /sysmanage/changelogo.php script of the D-Link DAR-8000 router’s microprogramming system is related to the unlimited loading of dangerous files. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

6.5CVSS7.2AI score0.15082EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/10/03 12:0 a.m.6 views

The vulnerability in the script /Tool/querysql.php of the D-Link DAR-8000 router software, which allows a hacker to execute arbitrary commands.

The vulnerability in the D-Link DAR-8000 router’s microprogramming software, implemented in the /Tool/querysql.php script, relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to execute arbitrary commands remotely...

6.5CVSS7.1AI score0.01675EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2023/09/25 3:15 a.m.20 views

CVE-2023-5154

UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DAR-8000 up to 20151231 and classified as critical. This vulnerability affects unknown code of the file /sysmanage/changelogo.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be initiat...

8.8CVSS7.2AI score0.15082EPSS
Exploits0References4
OSV
OSV
added 2023/09/25 3:15 a.m.13 views

CVE-2023-5154

UNSUPPORTED WHEN ASSIGNED A vulnerability has been found in D-Link DAR-8000 up to 20151231 and classified as critical. This vulnerability affects unknown code of the file /sysmanage/changelogo.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be initiat...

8.8CVSS5.5AI score0.15082EPSS
Exploits0References4
OSV
OSV
added 2023/09/25 3:15 a.m.5 views

CVE-2023-5153

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS5.5AI score0.01675EPSS
Exploits1References4
Prion
Prion
added 2023/09/25 3:15 a.m.19 views

Sql injection

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DAR-8000 up to 20151231. This affects an unknown part of the file /Tool/querysql.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.9AI score0.01675EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder