6 matches found
CVE-2019-13373
An issue was discovered in the D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL...
D-Link Central WiFiManager CWM-100 SQL Injection (CVE-2019-13373)
An SQL injection vulnerability exists in D-Link Central WiFiManager CWM-100. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Metasploit Wrap-Up
GSoC Rocks! In a rare double whammy, one of our 2020 Google Summer of Code GSoC participants has authored a PR containing both enhancements & a new module! Improvements to our SQL injection library now allow PostgreSQL injection, and this new functionality has been verified with both a test modul...
CVE-2019-13373
creationtimestamp| type| source ---|---|--- 2019-07-07 01:59:53+00:00| seen| https://t.me/cveNotify/286 2021-02-14 18:19:50+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/sqli/dlink/dlinkcentralwifimanagersqli.rb 2025-02-06 03:13:44+00:00| seen|...
CVE-2019-13373
An issue was discovered in the D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL...
CVE-2019-13373
Summary (CVE-2019-13373) : A vulnerability in D-Link Central WiFi Manager CWM-100 (versions before v1.03R0100_BETA6) where input is not validated, allowing arbitrary SQL commands via the /web/Public/Conn.php?dbSQL parameter. This can lead to database compromise, including retrieval of usernames/p...