5 matches found
CVE-2024-1364
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via widget's customid in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
ASUS Asuswrt-Merlin Information Disclosure Vulnerability
ASUS Asuswrt-Merlin is a firmware from Asus ASUS of Taiwan, China that runs in its routers. An information disclosure vulnerability exists in ASUS Asuswrt-Merlin. An attacker could exploit this vulnerability by reading the customid variable on the blocking.asp page to obtain information about the...
CVE-2018-8878
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the customid variable on the blocking.asp...
CVE-2018-8878
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the customid variable on the blocking.asp...
Information disclosure
Information disclosure in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to acquire information on internal network devices' hostnames and MAC addresses by reading the customid variable on the blocking.asp...