5 matches found
CVE-2018-17989
A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when "/cgi-bin/NewGUI/Acl.asp" is request...
Cross site scripting
A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when "/cgi-bin/NewGUI/Acl.asp" is request...
CVE-2018-17989
A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when "/cgi-bin/NewGUI/Acl.asp" is request...
CVE-2006-5741
Multiple cross-site scripting XSS vulnerabilities in AirMagnet Enterprise before 7.5 build 6307 allow remote attackers to inject arbitrary web script or HTML via 1 the 404 error page of the Smart Sensor Edge Sensor; 2 the user name for a failed logon, when displayed in the audit journals reviewin...
CVE-2006-5741
Multiple cross-site scripting XSS vulnerabilities in AirMagnet Enterprise before 7.5 build 6307 allow remote attackers to inject arbitrary web script or HTML via 1 the 404 error page of the Smart Sensor Edge Sensor; 2 the user name for a failed logon, when displayed in the audit journals reviewin...