
29 matches found

CNNVD
added 2023/08/21 12:0 a.m. | 4 views

D-Link DAP-2660 Security Vulnerability

The D-Link DAP-2660 is a wireless device from China AUO D-Link. A security vulnerability exists in D-Link DAP-2660 v1.13, which stems from a buffer overflow vulnerability in the parameter fipv6enable. An attacker can exploit the vulnerability by designing a POST request...

9.8 CVSS | 8.8 AI score | 0.12772 EPSS
Exploits: 1 | References: 3
OSV
added 2022/04/06 3:15 a.m. | 1 views

CVE-2022-1248

A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAPInformationSystem/controllers/addadmin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploi...

7.3 CVSS | 5.8 AI score | 0.01294 EPSS
Exploits: 2 | References: 2
CNVD
added 2021/05/08 12:0 a.m. | 12 views

Tenda AC11 Stack Buffer Overflow Vulnerability (CNVD-2021-33998)

The Tenda AC11 is an AC1200 dual-band Gigabit WiFi router. A stack buffer overflow vulnerability exists in /goform/setmac in the Tenda AC11 02.03.01.104CN and earlier firmware. An attacker can exploit this vulnerability to execute arbitrary code on the system via a specially crafted post request...

10 CVSS | 7.9 AI score | 0.85849 EPSS
Exploits: 1 | References: 1
BDU FSTEC
added 2020/12/07 12:0 a.m. | 2 views

The vulnerability of the KTS web interface “Mayak,” related to the failure to protect the SQL query structure, allows attackers to execute arbitrary SQL commands.

The vulnerability of the KTS “Lighthouse” web interface is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands using a specially crafted HTTP POST request...

10 CVSS | 6.1 AI score
Exploits: 0 | Affected Software: 1
wpexploit
added 2020/09/29 12:0 a.m. | 687 views

Slider by 10Web < 1.2.36 - Multiple Authenticated SQL Injection

The bulkaction, exportfull and savesliderdb functionalities of the plugin were vulnerable, allowing a high-privileged user (Admin), or a medium one such as Contributor+ if "Role Options" is turned on for other users, to perform SQL injection attacks. Vulnerable param: check Vulnerable function:...

1.7 AI score | 0.02586 EPSS
Exploits: 2 | References: 1
CNVD
added 2016/09/07 12:0 a.m. | 2 views

Arbitrary File Deletion Vulnerability in Zoomla!

Zoomla! Wave CMS is a CMS website core and management system R & D vendors, integrated content management, shopping malls, OA, SNS, project management, collection, e-mail subscription to hundreds of features, based on the .NET platform and support cross-platform and mobile. Zoomla! CMS has an...

7.3 AI score
Exploits: 0 | References: 1
CNVD
added 2016/09/05 12:0 a.m. | 3 views

Arbitrary Password Changing Vulnerability in Hi-Read Media's Digital Newspaper System

Joy Reading Kiosk Digital Newspaper System is a digital newspaper web management system. An arbitrary password change vulnerability exists in the product at /www/index.php?mod=admin&con=adminuser&act=editpost; an attacker can exploit the vulnerability by submitting a POST request to change the...

7.1 AI score
Exploits: 0 | References: 1
seebug.org
added 2007/04/15 12:0 a.m. | 12 views

Sami HTTP Server 2.0.1 POST Request Denial of Service Exploit

No description provided by source. usr/bin/python import socket print "-------------------------------------------------------------------------" print " Sami HTTP Server 2.0.1 POST request Denial of Service" print " url: http://www.karjasoft.com" print " author: shinnai" print " mail:...

7.1 AI score
Exploits: 0
Exploit DB
added 2002/11/02 12:0 a.m. | 21 views

Monkey HTTP Server 0.4/0.5 - Invalid POST Denial of Service

source: https://www.securityfocus.com/bid/6096/info A denial of service vulnerability has been reported for Monkey HTTP server. The vulnerability is due to inadequate checks being performed when decoding POST requests. An attacker can exploit this vulnerability by issuing a POST request with an...

7.4 AI score
Exploits: 0