CVE-2025-15496

A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project...

EUVD-2020-10255

Malware in sbrugna...

The vulnerability in the web interface for controlling D-Link DSL-2730U, DSL-2750U, and DSL-2750E microprogramming device allows a hacker to read arbitrary files.

The vulnerability in the web interface for managing D-Link DSL-2730U, DSL-2750U, and DSL-2750E microprogramming routers is related to insufficient validation of input data during the processing of the getpage parameter for the webproc endpoint /cgi-bin/webproc. Exploiting this vulnerability allow...

CVE-2025-34048

A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN1.02, SEA1.04, and SEA1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI...

VulnCheck KEV: CVE-2025-34048

A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN1.02, SEA1.04, and SEA1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI...

D-Link DSL-2730U和D-Link DSL-2750E 安全漏洞

The D-Link DSL-2730U and D-Link DSL-2750E are both routers from China-based AUO D-Link. A security vulnerability exists in the D-Link DSL-2730U and D-Link DSL-2750E, which stems from the incorrect operation of the parameter getpage in the file /cgi-bin/webproc, leading to a path traversal attack...

CVE-2022-38258

A local file inclusion LFI vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service DoS or access sensitive server information via manipulation of the getpage parameter in a crafted web request...

CVE-2021-34860

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to th...

CVE-2017-15647

On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...

CVE-2023-32141

D-Link DAP-1360 webproc WEBDisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability...

CVE-2020-18331

Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running the firmware version W2000EN-01hardware platform Gpn2.4P21-CWIFI-V0.05, via the getpage parameter to /cgi-bin/webproc...

CVE-2022-38258

A local file inclusion LFI vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service DoS or access sensitive server information via manipulation of the getpage parameter in a crafted web request...

CVE-2022-38258

A local file inclusion LFI vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service DoS or access sensitive server information via manipulation of the getpage parameter in a crafted web request...

D-Link DIR-819 路径遍历漏洞

D-Link DIR-819 is a wireless dual-band router from China AUO D-Link. A security vulnerability exists in the D-Link DIR-819 v1.06. An attacker can exploit this vulnerability to cause a denial of service DoS or access sensitive server information by manipulating the getpage parameter in a specially...

PT-2022-24318 · D Link · D-Link Dir 819

Name of the Vulnerable Software and Affected Versions: D-Link DIR 819 version 1.06 Description: A local file inclusion issue allows attackers to cause a Denial of Service or access sensitive server information via manipulation of the getpage parameter in a crafted web request. This can lead to...

CVE-2021-34860

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 1.01rc001 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the getpage parameter provided to th...

PT-2021-20708 · D Link · D-Link Dap-2020

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2020 version 1.01rc001 Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations. Authentication is not required to exploit this issue. The specific flaw exists within the...

CVE-2021-27248

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the...

PT-2020-6513 · D Link · D-Link Dap-2020

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2020 version 1.01rc001 Description: The issue is related to a buffer overflow on the stack in the webproc getpage scenario of the D-Link DAP-2020 Wi-Fi access point's firmware. This can be exploited by network-adjacent attackers to...

CVE-2017-15647

On FiberHome routers, Directory Traversal exists in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value...