CVE-2026-7248

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfilehtm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2026-7248 D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfilehtm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...

D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer overflow vulnerability. This vulnerability stems from the tgfilehtm function in the CGI Endpoint component, whi...

EUVD-2025-209311

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfilehtm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-45059

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfilehtm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-45059

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfilehtm function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

EUVD-2006-6122

Malware in sbrugna...

CVE-2024-52754

D-LINK DI-8003 v16.07.16A1 was discovered to contain a buffer overflow via the fn parameter in the tgfilehtm function...

PT-2024-8580 · D Link · D-Link Di-8003

Name of the Vulnerable Software and Affected Versions: D-LINK DI-8003 version 16.07.16A1 Description: A buffer overflow issue was discovered in the tgfile htm function, related to the fn parameter. This could allow a remote attacker to impact the confidentiality, integrity, and availability of...

CVE-2024-52754

CVE-2024-52754 affects D-LINK DI-8003 (firmware 16.07.16A1). A buffer overflow in the tgfile_htm function is triggered via the fn parameter. Public references corroborate the issue; impact is noted as availability-related. A temporary workaround from PTSecurity recommends restricting access to th...

CVE-2023-45574

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

CVE-2023-45572

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

PT-2023-6459 · D Link · Di-7200Gv2 +4

Name of the Vulnerable Software and Affected Versions: D-Link DI-7003GV2 versions 23.08.25D1 and before D-Link DI-7100G+V2 versions 23.08.23D1 and before D-Link DI-7100GV2 version 23.08.23D1 D-Link DI-7200G+V2 versions 23.08.23D1 and before D-Link DI-7200GV2 versions 23.08.23E1 and before D-Link...

D-Link Di-7200G Buffer Error Vulnerability

The D-Link Di-7200G is a Gigabit enterprise router from China's AUO D-Link. A security vulnerability exists in the D-Link Di-7200G, which can be caused by manipulating the fn parameter in the tgfile.asp function to cause a stack overflow...

Authentication Bypass

php-horde-gollem is vulnerable to authentication bypass. The File Manager gollem module allows remote attackers to bypass Horde authentication for file downloads via a malicious fn parameter that corresponds to the exact filename...

CVE-2017-17651

Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter...

CVE-2017-17651

Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in actions.php in Positive Software H-Sphere WebShell 4.3.10 allows remote attackers to inject arbitrary web script or HTML via 1 the fn parameter during a dload action, 2 the mask parameter during a search action, and 3 the tab parameter during a sysinfo...

CVE-2006-6139

CVE-2006-6139 is a directory traversal vulnerability in the downloadexcel.php component of Sisfo Kampus 2006 (Semarang 3). It allows remote attackers to read arbitrary files via the fn parameter. This description is supported by NVD/CVE records; exploitation status is not provided in the document...