
14 matches found

EUVD
added 2026/03/22 12:32 p.m., 2 views

EUVD-2026-14297

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/loginpage can lead to cross site scripting. It is possible to launch the...

CVSS 4.8, AI score 4.1, EPSS 0.0026
Exploits: 1, References: 8
CVE
added 2026/03/22 9:58 a.m., 8 views

CVE-2026-4544

CVE-2026-4544 affects Wavlink WL-WN578W2 221110. The vulnerability is in the POST Request Handler’s /cgi-bin/login.cgi, where manipulating the argument homepage/hostname/login_page can trigger cross-site scripting. Exploitation is possible remotely, and public exploit activity is indicated. No ve...

CVSS 4.8, AI score 4.1, EPSS 0.0026
Exploits: 1, References: 7, Affected Software: 1
CVE
added 2025/12/09 2:15 a.m., 13 views

CVE-2025-42896

CVE-2025-42896 affects SAP BusinessObjects Business Intelligence Platform and is an SSRF vulnerability where an unauthenticated remote attacker can send crafted requests via the URL parameter controlling the login page error message. The server may fetch attacker-supplied URLs, yielding low impac...

CVSS 5.4, AI score 6.6, EPSS 0.0026
Exploits: 0, References: 2
Positive Technologies
added 2025/12/09 12:0 a.m., 3 views

PT-2025-49771

SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that controls the login page error message. This can cause the server to fetch attacker-supplied URLs, resulting in low impact to confidentiality and integrit...

CVSS 5.4, AI score 7, EPSS 0.0026
Exploits: 0, References: 2
BDU FSTEC
added 2024/08/01 12:0 a.m., 2 views

A vulnerability in the firmware of Brother HL-L2360D, DCP-1610W, DCP-L2550DW, HL-L2390DW, HL-L2395DW, MFC-J4620DW, MFC-J6945DW, MFC-L2710DN, MFC-L2710DW, MFC-L2770DW, MFC-L8690CDW, and TD-2130N printers allows an attacker to redirect users to an arbitrary URL.

The vulnerability of Brother HL-L2360D, DCP-1610W, DCP-L2550DW, HL-L2390DW, HL-L2395DW, MFC-J4620DW, MFC-J6945DW, MFC-L2710DN, MFC-L2710DW, MFC-L2770DW, MFC-L8690CDW, and TD-2130N printers relates to the redirection of URLs to unreliable websites. Exploiting this vulnerability allows a malicious...

CVSS 6.4, AI score 5.6
Exploits: 0, Affected Software: 2
CNNVD
added 2024/06/24 12:0 a.m., 2 views

Hangzhou Meisoft Information Technology FineSoft Cross-Site Scripting Vulnerability

Hangzhou Meisoft Information Technology Finesoft is a pharmaceutical management software from Hangzhou Meisoft Information China. A cross-site scripting vulnerability exists in Hangzhou Meisoft Information Technology FineSoft v.8.0 and earlier versions, which can be exploited to allow a remote...

CVSS 6.1, AI score 6.9, EPSS 0.00416
Exploits: 1, References: 3
OSV
added 2024/03/19 1:15 a.m., 3 views

CVE-2023-40277

An issue was discovered in OpenClinic GA 5.247.01. A Reflected Cross-Site Scripting (XSS) vulnerability has been discovered in the login.jsp message parameter...

CVSS 6.1, AI score 5.7, EPSS 0.0045
Exploits: 1, References: 2
VulnCheck KEV
added 2023/11/13 12:0 a.m., 5 views

VulnCheck KEV: CVE-2020-17453

WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter...

CVSS 6.1, AI score 6.4, EPSS 0.26118
Exploits: 2, References: 1
ATTACKERKB
added 2022/08/26 12:15 a.m., 1 views

CVE-2022-35192

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp...

CVSS 7.5, AI score 5.8, EPSS 0.0113
Exploits: 0, References: 5
CNNVD
added 2022/08/05 12:0 a.m., 4 views

Church Management System SQL Injection Vulnerability

Church Management System is a church management system. A SQL injection vulnerability exists in version 1.0 of the SourceCodester Church Management System, which stems from an unknown function in its login.php component that operates on a special string input for the parameter username, resulting...

CVSS 8.8, AI score 8, EPSS 0.00613
Exploits: 1, References: 3
OSV
added 2022/07/20 5:15 p.m., 3 views

CVE-2022-34048

Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the loginpage parameter...

CVSS 6.1, AI score 5.7, EPSS 0.04917
Exploits: 4, References: 2
CNNVD
added 2022/07/20 12:0 a.m., 3 views

WAVLINK WN530HG4 Cross-Site Scripting Vulnerability

The WAVLINK WN530HG4 is a wireless router from the Chinese company WAVLINK. A security vulnerability exists in WAVLINK WN530HG4 M33A8.V5030.190716 version, which stems from a security issue with the loginpage parameter...

CVSS 6.1, AI score 6.2, EPSS 0.04917
Exploits: 4, References: 6
OSV
added 2020/09/22 12:15 p.m., 3 views

CVE-2020-8887

Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page)...

CVSS 7.5, AI score 7.2
Exploits: 0, References: 1
CNVD
added 2016/09/23 12:0 a.m., 1 views

Liberscol Reflective Cross-Site Scripting Vulnerability

Liberscol is a French open source digital teaching platform. A reflective cross-site scripting vulnerability exists in the error parameter of Login/jsp in the 2013-09-20 version of Liberscol, which can be used by an attacker to inject malicious scripts...

AI score 6.2
Exploits: 0, References: 1