7 matches found
EUVD-2022-37078
Malicious code in bioql PyPI...
The vulnerability of the sys_login function in the /cgi-bin/login.cgi script of the WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 routers allows a hacker to execute arbitrary code.
The vulnerability of the syslogin function in the /cgi-bin/login.cgi script of the WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 routers is related to the copying of buffers without checking the size of the input data during the processing of the loginpage...
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting XSS vulnerability via the loginpage parameter...
CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting XSS vulnerability via the loginpage parameter...
Cross site scripting
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting XSS vulnerability via the loginpage parameter...
CVE-2022-34048
CVE-2022-34048 affects Wavlink WN533A8 (M33A8.V5030.190716). The issue is a reflected cross-site scripting (XSS) vulnerability exploitable via the login_page parameter in the device’s login page. Attack impact, as described in connected sources, could allow an attacker to execute arbitrary script...
CVE-2020-16255
ownCloud Core before 10.5 allows XSS in login page 'forgot password.'...