6 matches found
CVE-2026-7014
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...
CVE-2026-7014
CVE-2026-7014 describes a cross-site scripting flaw in MaxSite CMS up to version 109.3, affecting the down_count Plugin via manipulation of the f_file/f_prefix argument. The vulnerability allows remote initiation and is tied to an inadequate data filtering path (Self-XSS label noted by the vendor...
MaxSite CMS 跨站脚本漏洞
MaxSite CMS is an open-source website content management system developed by MaxSite in Russia. Versions of MaxSite CMS starting from 109.3 and earlier had a cross-site scripting vulnerability. This vulnerability stemmed from the handling of the ffile/fprefix parameters in the downcount Plugin...
CVE-2026-5212 D-Link DNS-1550-04 webdav_mgr.cgi Webdav_Upload_File stack-based overflow
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...
CVE-2026-5212
The CVE-2026-5212 entry maps to a concrete stack-based buffer overflow in D-Link devices, affecting the Webdav_Upload_File function in /cgi-bin/webdav_mgr.cgi. The vulnerability is triggered by manipulating the f_file argument and allows remote exploitation. Affected devices include D-Link DNS-12...
CVE-2026-5212
A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...