62219 matches found
D-Link Central WifiManager - Server-Side Request Forgery
D-Link Central WifiManager is susceptible to server-side request forgery. The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, as demonstrated by an...
D-Link Routers - Local File Inclusion
D-Link routers DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02,DWR-512 through 2.02,DWR-712 through 2.02,DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01, and probably others with the same type of firmware allows remote attackers to read arbitrary files via a /...
Zarinpal Paid Download - Reflected XSS
Zarinpal Paid Download WordPress plugin v2.3 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users such as admin, exploit requires...
D-Link DIR-803 - Authentication Bypass
An authentication bypass vulnerability exists in D-Link DIR-803 routers firmware A1 1.04 and earlier. By manipulating the AUTHORIZEDGROUP parameter in /getcfg.php via newline injection, an attacker can retrieve XML configuration containing administrator credentials without authentication. id:...
Guten Free Options - Cross Site Scripting
Guten Free Options WordPress plugin = 0.9.5 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute malicious scripts in high privilege users' browsers, exploit requires victim to click malicious link. id: CVE-2024-13492 info: name: Guten Free...
MaNGOSWebV4 < 4.0.8 - Cross-Site Scripting
paintballrefjosh/MaNGOSWebV4 4.0.8 contains a reflected XSS caused by unsanitized input in install/index.php step parameter, letting attackers execute arbitrary scripts in the victim's browser, exploit requires victim to visit a maliciously crafted URL id: CVE-2017-6478 info: name: MaNGOSWebV4...
Giga Messenger WordPress - Cross-Site Scripting
Giga Messenger WordPress plugin = 2.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...
D-Link - Remote Command Execution
A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file id: CVE-2021-45382 info: name: D-Link - Remote Command Execution author: king-alexander severity: critic...
CVE-2026-15135
creationtimestamp| type| source ---|---|--- 2026-07-09 02:09:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6kj7txko27...
CVE-2026-54783
creationtimestamp| type| source ---|---|--- 2026-07-09 02:04:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6kabger32x...
CVE-2026-54780
creationtimestamp| type| source ---|---|--- 2026-07-09 01:44:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6j4hinzz2z...
CVE-2026-54774
creationtimestamp| type| source ---|---|--- 2026-07-09 01:36:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6io2uglh2x...
CVE-2026-15132
creationtimestamp| type| source ---|---|--- 2026-07-09 01:18:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6hnnyctx27 2026-07-09 04:46:06+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260709...
CVE-2026-58210
creationtimestamp| type| source ---|---|--- 2026-07-08 23:10:14+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mq6ai44tz62n...
CVE-2026-8649
creationtimestamp| type| source ---|---|--- 2026-07-08 22:54:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq67m5hson27...
CVE-2026-55596
creationtimestamp| type| source ---|---|--- 2026-07-08 22:35:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq66jmihnl27...
CVE-2026-58208
creationtimestamp| type| source ---|---|--- 2026-07-08 22:19:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq65o5u3x42x...
CVE-2026-8801
creationtimestamp| type| source ---|---|--- 2026-07-08 22:13:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq65cl2ju42g 2026-07-09 19:26:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqaeg6yw7v2h...
CVE-2026-59935
creationtimestamp| type| source ---|---|--- 2026-07-08 22:07:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq64xsux7c24...
CVE-2026-60105
creationtimestamp| type| source ---|---|--- 2026-07-08 22:01:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mq64ms7gqd2w 2026-07-09 09:14:21+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mq7cadytwy26...