Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 8:4 a.m.9 views

CVE-2019-13373

An issue was discovered in the D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL...

9.8CVSS7.5AI score0.68019EPSS
Exploits2References1
Check Point Advisories
Check Point Advisories
added 2022/11/14 12:0 a.m.22 views

D-Link Central WiFiManager CWM-100 SQL Injection (CVE-2019-13373)

An SQL injection vulnerability exists in D-Link Central WiFiManager CWM-100. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.5AI score0.68019EPSS
Exploits2
Rapid7 Blog
Rapid7 Blog
added 2021/02/19 5:55 p.m.86 views

Metasploit Wrap-Up

GSoC Rocks! In a rare double whammy, one of our 2020 Google Summer of Code GSoC participants has authored a PR containing both enhancements & a new module! Improvements to our SQL injection library now allow PostgreSQL injection, and this new functionality has been verified with both a test modul...

10CVSS9.6AI score0.95657EPSS
Exploits21
Circl
Circl
added 2019/07/07 1:59 a.m.16 views

CVE-2019-13373

creationtimestamp| type| source ---|---|--- 2019-07-07 01:59:53+00:00| seen| https://t.me/cveNotify/286 2021-02-14 18:19:50+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/dlink/dlinkcentralwifimanagersqli.rb 2025-02-06 03:13:44+00:00| seen|...

9.8CVSS8.7AI score0.68019EPSS
Exploits2References2
Cvelist
Cvelist
added 2019/07/06 10:54 p.m.27 views

CVE-2019-13373

An issue was discovered in the D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL...

9.7AI score0.68019EPSS
Exploits2References3
CVE
CVE
added 2019/07/06 10:54 p.m.289 views

CVE-2019-13373

Summary (CVE-2019-13373) : A vulnerability in D-Link Central WiFi Manager CWM-100 (versions before v1.03R0100_BETA6) where input is not validated, allowing arbitrary SQL commands via the /web/Public/Conn.php?dbSQL parameter. This can lead to database compromise, including retrieval of usernames/p...

9.8CVSS9.6AI score0.68019EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder