Lucene search
K

46 matches found

Cvelist
Cvelist
added 2024/11/20 12:0 a.m.17 views

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

0.29695EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.9 views

PT-2023-31738 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution. This is achieved through the langFlag parameter of the "setLanguageCfg" interface in the "cstecgi.cgi" endpoint...

9.8CVSS9.6AI score0.0097EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/08/10 8:15 p.m.3 views

CVE-2022-35523

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter delmac and parameter flag, which leads to command injection in page /cliblacklist.shtml...

9.8CVSS7.3AI score0.02302EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/09 12:0 a.m.4 views

PT-2022-22886 · Wavlink · Wavlink Wn530H4 +4

Name of the Vulnerable Software and Affected Versions: WAVLINK WN572HP3 WAVLINK WN533A8 WAVLINK WN530H4 WAVLINK WN535G3 WAVLINK WN531P3 Description: The issue concerns a lack of filtering on the del mac and flag parameters in the firewall.cgi, leading to command injection in the /cli black...

9.8CVSS9.7AI score0.02302EPSS
Exploits1References2
CNVD
CNVD
added 2022/02/21 12:0 a.m.16 views

TOTOLINK A720R Stack Overflow Vulnerability (CNVD-2022-17121)

TOTOLINK A720R is a wireless router.TOTOLINK A720R v4.1.5cu.470B20200911 is vulnerable to a stack overflow vulnerability, which can be exploited by attackers to cause a denial of service DoS via the flag parameter...

7.8CVSS5.3AI score0.01175EPSS
Exploits1References1
OSV
OSV
added 2022/02/04 2:15 a.m.4 views

CVE-2021-45739

TOTOLINK A720R v4.1.5cu.470B20200911 was discovered to contain a stack overflow in the FormLogin function. This vulnerability allows attackers to cause a Denial of Service DoS via the flag parameter...

7.5CVSS5.8AI score0.01175EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/02/04 12:0 a.m.4 views

PT-2022-12381 · Totolink · Totolink A720R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.470 B20200911 Description: A stack overflow was discovered in the Form Login function, allowing attackers to cause a Denial of Service DoS via the flag parameter. Recommendations: For TOTOLINK A720R version...

7.8CVSS7.6AI score0.01175EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.5 views

Totolink A720R 缓冲区错误漏洞

TOTOLINK A720R is a wireless router.TOTOLINK A720R v4.1.5cu.470B20200911 is vulnerable to a stack overflow vulnerability, which can be exploited by attackers to cause a denial of service DoS via the flag parameter...

7.8CVSS5.6AI score0.01175EPSS
Exploits1References2
NVD
NVD
added 2021/08/20 2:15 p.m.18 views

CVE-2020-18877

SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the 'flag' parameter in the component '/coreframe/app/order/admin/index.php'...

7.5CVSS0.01481EPSS
Exploits1References1
Prion
Prion
added 2021/08/20 2:15 p.m.16 views

Sql injection

SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the 'flag' parameter in the component '/coreframe/app/order/admin/index.php'...

5CVSS7.7AI score0.01481EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/11/21 4:15 p.m.3 views

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...

9.8CVSS6.4AI score0.17188EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2019/11/21 4:15 p.m.2 views

CVE-2018-8879

Stack-based buffer overflow in Asuswrt-Merlin firmware for ASUS devices older than 384.4 and ASUS firmware before 3.0.0.4.382.50470 for devices allows remote attackers to execute arbitrary code by providing a long string to the blocking.asp page via a GET or POST request. Vulnerable parameters ar...

9.8CVSS6.4AI score0.17188EPSS
Exploits1References3
Veracode
Veracode
added 2019/03/26 7:8 a.m.9 views

Command Injection

opencv is vulnerable to command injection. User input is not validated for the flag parameter, which would allow an attacker to inject and execute arbitrary commands...

9.8CVSS9.7AI score0.04239EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2019/03/21 4:1 p.m.4 views

CVE-2019-7418

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.2508-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc...

6.1CVSS5.8AI score0.0155EPSS
Exploits2References4
CNVD
CNVD
added 2018/03/30 12:0 a.m.2 views

ASUS RT-N14UHP 'flag' parameter cross-site scripting vulnerability

The ASUS RT-N14UHP is a wireless router device from ASUS. A cross-site scripting vulnerability exists in the 'flag' parameter in ASUS RT-N14UHP devices prior to version 3.0.0.4.380.8015. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.00675EPSS
Exploits1References1
OSV
OSV
added 2018/03/16 2:29 p.m.2 views

CVE-2017-12590

ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vulnerability in the "flag" parameter...

6.1CVSS5.8AI score
Exploits0References1
Cvelist
Cvelist
added 2018/03/16 2:4 p.m.12 views

CVE-2017-12590

ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vulnerability in the "flag" parameter...

6.1AI score0.00675EPSS
Exploits1References1
CNVD
CNVD
added 2017/08/23 12:0 a.m.1 views

SQL Injection Vulnerability in CMS ArticleAction.class.php Page

Fargo CMS is a marketing enterprise building system based on PHP + MYSQL as the core development. A SQL injection vulnerability exists in the CMS ArticleAction.class.php page. The vulnerability is due to the system flag parameter does not filter the data submitted by the user, a remote attacker c...

7.8AI score
Exploits0
Prion
Prion
added 2015/03/23 4:59 p.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 nextpage, 2 groupid, 3 actionscript, or 4 flag parameter to startapply.htm...

4.3CVSS6.1AI score0.01909EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2015/03/23 4:0 p.m.24 views

CVE-2015-2681

Multiple cross-site scripting XSS vulnerabilities in the ASUS RT-G32 routers with firmware 2.0.2.6 and 2.0.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 nextpage, 2 groupid, 3 actionscript, or 4 flag parameter to startapply.htm...

5.9AI score0.01909EPSS
Exploits1References4
Rows per page
Query Builder