3 matches found
D-Link Central WiFi Manager (CWM-100) Arbitrary SQL Command Query Vulnerability
D-Link Central WiFi Manager CWM-100 is a Web-based wireless access point management tool. An arbitrary SQL command query vulnerability exists in D-Link Central WiFi Manager CWM-100 versions prior to 1.03R0100BETA6. The vulnerability stems from a failure to validate input. An attacker can exploit...
CVE-2017-15063
There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing for example an attack against the query parameter to panel/database...
Subrion CMS SQL Injection Vulnerability
Subrion CMS is a PHP-based content management system CMS developed by the Subrion team. The system can be integrated into a website and supports a wide range of extensions plug-ins and more. A SQL injection vulnerability exists in the admin/database/ URI in Subrion CMS version 4.0.5.10. A remote...