5 matches found
CVE-2026-2194
A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...
CVE-2026-2194
The vulnerability CVE-2026-2194 affects D-Link DI-7100G C1 (firmware 24.04.18D1) in the start_proxy_client_email function. An attacker can remotely exploit a command injection vulnerability via manipulation of this function, with exploit activity described as published. Impact is described as ena...
CVE-2026-2194 D-Link DI-7100G C1 start_proxy_client_email command injection
A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...
Invoice Plane Cross-Site Scripting Vulnerability (CNVD-2018-04555)
InvoicePlane is an open source financial system. The system has features to manage quotes, invoices and payments. A cross-site scripting vulnerability exists in the client email field in InvoicePlane 1.5.4 and prior versions. A remote attacker can exploit this vulnerability to execute JavaScript...
Design/Logic Flaw
courier/1000@/apierroremail.html aka "error reporting page" in Accellion File Transfer Appliance FTA70178, and possibly other versions before FTA70189, allows remote attackers to send spam e-mail via modified description and clientemail parameters...