The vulnerability of the formModifyDnsForward() function in Tenda W15E router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formModifyDnsForward function in the Tenda W15E router’s microprogramming software is related to the issue of the operation going beyond the buffer in memory when processing the DNSDomainName parameter. Exploiting this vulnerability allows a remote attacker to execute...

CVE-2023-40143

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter...

Westermo Lynx 206-F2G Cross-Site Scripting Vulnerability

The Westermo Lynx 206-F2G is a Layer 3 industrial Ethernet switch from Westermo, Sweden, powered by the Westermo WeOS network operating system. A security vulnerability exists in the Westermo Lynx 206-F2G. The vulnerability can be exploited to introduce arbitrary JavaScript by injecting a...

PT-2024-12856 · Westermo · Westermo Lynx

Name of the Vulnerable Software and Affected Versions: Westermo Lynx affected versions not specified Description: An attacker with access to the Westermo Lynx web application could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the forward.0.domain parameter...

Tenda AC10U add_white_node function stack buffer overflow vulnerability

Tenda AC10U is a dual-band Gigabit wireless router from Tenda Technology, designed for 200 megabit and above fiber optic homes, supporting 802.11ac dual-band technology 2.4GHz and 5GHz, with a theoretical WiFi rate of up to 867Mbps. The Tenda AC10U suffers from a stack buffer overflow vulnerabili...

CVE-2023-44018

Tenda AC10U v1.0 USAC10UV1.0RTLV15.03.06.49multiTDE01 was discovered to contain a stack overflow via the domain parameter in the addwhitenode function...

CVE-2023-44018

Tenda AC10U v1.0 USAC10UV1.0RTLV15.03.06.49multiTDE01 was discovered to contain a stack overflow via the domain parameter in the addwhitenode function...

Stack overflow

Tenda AC10U v1.0 USAC10UV1.0RTLV15.03.06.49multiTDE01 was discovered to contain a stack overflow via the domain parameter in the addwhitenode function...

PT-2023-29070 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10U version 1.0 US AC10UV1.0RTL V15.03.06.49 multi TDE01 Description: A stack overflow issue was discovered via the domain parameter in the add white node function. This issue can be exploited, potentially leading to security breaches...

Tenda AC10 缓冲区错误漏洞

Tenda AC10U is a dual-band Gigabit wireless router from Tenda Technology, designed for 200 megabit and above fiber optic homes, supporting 802.11ac dual-band technology 2.4GHz and 5GHz, with a theoretical WiFi rate of up to 867Mbps. The Tenda AC10U suffers from a stack buffer overflow vulnerabili...

GHSA-JJ4J-CWGQ-FX7G ViMbAdmin Cross-site Scripting Vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in ViMbAdmin 3.0.15 allow remote attackers to inject arbitrary web script or HTML via the 1 domain or 2 transport parameter to domain/add; the 3 name parameter to mailbox/add/did/; the 4 goto parameter to alias/add/did/; or the 5 captchatext...

CVE-2021-43459

A Cross Site Scripting XSS vulnerability exists in Rumble Mail Server 0.51.3135 via the 1 domain and 2 path parameters...

CVE-2021-43459

A Cross Site Scripting XSS vulnerability exists in Rumble Mail Server 0.51.3135 via the 1 domain and 2 path parameters...

hestiacp 跨站脚本漏洞

Hestiacp is an open source Linux web server control panel designed to provide administrators with an easy-to-use web and command line interface. Hestiacp suffers from a cross-site scripting vulnerability that originates from an unprocessed user-controlled GET domain parameter in index.php, which...

Synology SafeAccess SQL Injection Vulnerability

Synology SafeAccess is an appliance from China-based Synology Inc. that can configure the security of your network environment. The appliance can monitor users' Internet behavior, set Internet schedules and time quotas, apply web filters to protect specific users, and protect all devices in the...

Synology SafeAccess Cross-Site Scripting Vulnerability

Synology SafeAccess is an appliance from China-based Synology Inc. that can configure the security of your network environment. The appliance can monitor users' Internet behavior, set Internet schedules and time quotas, apply web filters to protect specific users, and protect all devices in the...

CVE-2020-27660

SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter...

CVE-2020-27659

Multiple cross-site scripting XSS vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the 1 domain or 2 profile parameter...

CVE-2020-27659

Multiple cross-site scripting XSS vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the 1 domain or 2 profile parameter...

Sql injection

SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter...