6 matches found
CVE-2017-18484
Cognitoys Dino devices allow XSS via the SSID...
CVE-2017-18485
Cognitoys Dino devices allow profilesadd.html CSRF...
Cross site request forgery (csrf)
Cognitoys Dino devices allow profilesadd.html CSRF...
Command injection
Cognitoys Dino devices allow XSS via the SSID...
CVE-2017-18484
Cognitoys Dino devices are affected by CVE-2017-18484, a cross-site scripting (XSS) vulnerability that can be triggered via the SSID. Redhat/CNVD entries attribute the issue to a lack of proper validation of client-side data by the WEB application, enabling an attacker to execute client-side code...
CVE-2017-18484
Cognitoys Dino devices allow XSS via the SSID...