CVE-2025-29594

A vulnerability exists in the errorpage.php file of the CS2-WeaponPaints-Website v2.1.7 where user-controlled input is not adequately validated before being processed. Specifically, the $GET'errorcode' parameter can be manipulated to access unauthorized error codes, leading to Cross-Site Scriptin...

CS2 WeaponPaints Website 安全漏洞

CS2 WeaponPaints Website is a server for plugin by LielXD Personal Developer. A security vulnerability exists in CS2 WeaponPaints Website version v2.1.7, which stems from the errorpage.php file not adequately validating user input, which could lead to cross-site scripting attacks and information...

CVE-2023-32141

D-Link DAP-1360 webproc WEBDisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability...

CVE-2023-32141

D-Link DAP-1360 webproc WEBDisplayPage Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability...

PT-2021-17354

Name of the Vulnerable Software and Affected Versions: D-Link DAP-2020 version 1.01rc001 Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations. Authentication is not required to exploit this issue. The flaw exists within the processi...

D-link DAP-1360 - Path Traversal / Cross-Site Scripting

Exploit Title: D-Link DAP-1360 File path traversal and Cross site scriptingreflected can lead to Authentication Bypass easily. Date: 20-07-2018 Exploit Author: r3m0t3nu11 Contact : http://twitter.com/r3m0t3nu11 Vendor : www.dlink.com Version: Hardware version: F1 Firmware version: 6.O5 Tested...

PT-2017-7165 · D Link · Dvg-N5402Sp

Name of the Vulnerable Software and Affected Versions: D-Link DVG-N5402SP versions W1000CN-00 through W2000EN-00 Description: A directory traversal issue allows remote attackers to read sensitive information by utilizing a .. dot dot in the errorpage parameter. Recommendations: For D-Link...

dennystraining.net XSS vulnerability

Vulnerable URL: http://dennystraining.net/ErrorPage.aspx?no=...

zhujx.kabahu.com XSS vulnerability

Vulnerable URL: http://zhujx.kabahu.com/errorPage/error.htm?msg=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...

CVE-2015-7252

Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...

CVE-2015-7252

Cross-site scripting XSS vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.kPE allows remote attackers to inject arbitrary web script or HTML via the errorpage parameter...

ZTE ZXHN H108N R1A webproc cgi module cross-site scripting vulnerability

The ZTE ZXHN H108N R1A is a wireless router product from China's ZTE Corporation. The webproc cgi in the ZTE ZXHN H108N R1A ZTE.bhs.ZXHNH108NR1A.hPE version fails to properly handle the 'errorpage' parameter, which allows remote attackers to exploit the vulnerability to inject malicious script or...

Squid 3.2.7 DoS (loop, 100% cpu) strHdrAcptLangGetItem() at errorpage.cc

DoS loop, 100 cpu strHdrAcptLangGetItem at errorpage.cc Authors: 22733db72ab3ed94b5f8a1ffcde850251fe6f466 c8e74ebd8392fda4788179f9a02bb49337638e7b AKAT-1 Versions: 3.2.5, 3.2.7 This error is only triggered when squid needs to generate an error page for example backend node is not responding etc...