3 matches found
The vulnerability of the UpdateSite function in the software controller for centralized control of wireless networks by D-Link Central WiFi Manager allows a intruder to inject any arbitrary code into the uploaded web page.
The vulnerability of the UpdateSite function in the software controller for D-Link Central WiFi Manager exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary code into the uploaded web page remotely...
SQL Injection Vulnerability in D-link Central WifiManager Co***.php Page
D-LINK Central WifiManager CWM-100 is D-LINK centralized wireless management software. A SQL injection vulnerability exists in the D-LINK Central WifiManager Co.php page, which can be exploited by an attacker to gain access to database information and also modify or delete arbitrary database data...
CVE-2018-17443
An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS...