D-Link DSL2600U - 'rom-0' Admin Password Disclosure

Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure Date: 2026-05-02 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.dlink.com Version: DSL-2600U Tested on: ubuntu CVE : N/A Firmware Version: v1.08 from routersploit.libs.lzs.lzs import LZSDecompress import reques...

Astra Linux - уязвимость в liblivemedia

Live555 version 1.08 does not handle Matroska and Ogg files properly. Sending two consecutive RTSP SETUP commands for the same track causes a Use-After-Free error and results in a crash of the daemon...

CVE-2025-52763

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

CVE-2025-52763

The CVE-2025-52763 entry concerns the NickDuncan Nifty Backups WordPress plugin (

CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

WordPress plugin Nifty Backups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

EUVD-2022-37013

Malicious code in bioql PyPI...

CVE-2025-58272

Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed...

CVE-2025-58272

Cross-site request forgery vulnerability exists in Web Caster V130 versions 1.08 and earlier. If a logged-in user views a malicious page created by an attacker, the settings of the product may be unintentionally changed...

NTT EAST Web Caster V130 跨站请求伪造漏洞

The NTT EAST Web Caster V130 is a broadband access device from NTT EAST Japan. A cross-site request forgery vulnerability exists in NTT EAST Web Caster V130 version 1.08 and earlier, which stems from vulnerability to cross-site request forgery attacks...

PT-2025-35676

Name of the Vulnerable Software and Affected Versions: Web Caster V130 versions 1.08 and earlier Description: A cross-site request forgery issue exists that allows an attacker to potentially modify product settings if a logged-in user views a malicious page. Recommendations: Update Web Caster V13...

WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Nifty Backups versions = 1.08...

CVE-2025-55582

D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script mydlink-watch-dog.sh, which blindly respawns binaries such as dcp and signalc without verifying integrity, authenticity, or permissions. An attacker with local filesystem access via physical access, firmware...

CVE-2022-42159

D-Link COVR 1200,1202,1203 v1.08 was discovered to have a predictable seed in a Pseudo-Random Number Generator...

CVE-2025-32203 WordPress Falling things Plugin <= 1.08 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in manu225 Falling things falling-things allows SQL Injection.This issue affects Falling things: from n/a through = 1.08...

CVE-2024-9220

The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.08. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pag...

PT-2024-39499 · WordPress · Lh Copy Media File

Name of the Vulnerable Software and Affected Versions: LH Copy Media File plugin for WordPress versions up to, and including, 1.08 Description: The LH Copy Media File plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping ...

ELECOM多款产品 安全漏洞

ELECOM WRC-X3000GS2-W and others are products of ELECOM Corporation.ELECOM WRC-X3000GS2-W is a wireless router.ELECOM WRC-X3000GS2-B is a gigabit router.ELECOM WRC-X3000GS2A-B is a gigabit router. A security vulnerability exists in several ELECOM products, which originates from mishandling of inp...

PT-2023-29659 · Proself · Proself Mail Sanitize Edition +2

Name of the Vulnerable Software and Affected Versions: Proself Enterprise/Standard Edition versions 5.62 and earlier Proself Gateway Edition versions 1.65 and earlier Proself Mail Sanitize Edition versions 1.08 and earlier Description: The issue allows a remote unauthenticated attacker to conduct...

SUSE CVE-2021-39282

Live555 through 1.08 has a memory leak in AC3AudioStreamParser for AC3 files...