3 matches found
CVE-2018-6528
CVE-2018-6528 refers to an XSS flaw in D-Link DIR-860L/865L/868L routers (bsc_sms_send.php) that allows a remote attacker to read cookies via a crafted receiver parameter to soap.cgi. Root cause: improper input validation in htdocs/webinc/body/bsc_sms_send.php. Affected firmware versions include ...
CVE-2013-7389
Multiple cross-site scripting XSS vulnerabilities in D-Link DIR-645 Router Rev. A1 with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the 1 deviceid parameter to parentalcontrols/bind.php, 2 RESULT parameter to info.php, or 3 receiver parameter to...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in D-Link DIR-645 Router Rev. A1 with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the 1 deviceid parameter to parentalcontrols/bind.php, 2 RESULT parameter to info.php, or 3 receiver parameter to...