Irancell WIMAX Modem WIXFMM-130 CSRF Accounting User Password Viewer Vulnerability

Exploit for cgi platform in category web applications Exploit Title: Irancell WIMAX Modem WIXFMM-130 CSRF Accounting User Password Viewer Vendor Homepage: http://wimax.irancell.ir/Portal/Home/ Version: WIXFMM-130 Exploit : http://192.168.1.1/ajax.cgi?action=taginitwimaxauth.php Result :...

CVE-2015-1028

Multiple cross-site scripting XSS vulnerabilities in D-Link DSL-2730B router rev C1 with firmware GE1.01 allow remote authenticated users to inject arbitrary web script or HTML via the 1 domainname parameter to dnsProxy.cmd DNS Proxy Configuration Panel; the 2 brName parameter to lancfg2get.cgi L...

CVE-2015-1028

CVE-2015-1028 affects the D-Link DSL-2730B router (rev C1) with firmware GE_1.01, exposing multiple XSS vulnerabilities that allow remote authenticated users to inject arbitrary scripts via parameters in dnsProxy.cmd, lancfg2get.cgi, wlsecrefresh.wl, and wlsecurity.wl. Connected sources corrobora...

PT-2015-5024 · D Link · D-Link Dsl-2730B

Name of the Vulnerable Software and Affected Versions: D-Link DSL-2730B router rev C1 with firmware GE 1.01 Description: The issue allows remote authenticated users to inject arbitrary web script or HTML via several parameters, including the domainname parameter to "dnsProxy.cmd" DNS Proxy...