100 matches found
CVE-2023-48842
D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi...
D-Link Go-RT-AC750 安全漏洞
The D-Link GO-RT-AC750 is a wireless dual-band simple router from China's AUO D-Link. A command injection vulnerability exists in the D-Link Go-RT-AC750 revAv101b03 version, which stems from the service parameter of hedwig.cgi failing to correctly filter the construct command special characters,...
Packers and Movers Management System SQL Injection Vulnerability
Packers and Movers Management System is a Packers and Movers Management System by Carlo Montero Individual Developer. A security vulnerability exists in Sourcecodester Packers and Movers Management System v1.0, which stems from a SQL injection vulnerability in the parameter p=services/viewservice...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
PT-2023-27543 · Openknowledgemaps · Openknowledgemaps Head Start
Name of the Vulnerable Software and Affected Versions: OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 Visual Project Explorer version 1.0 Description: A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in the web browser of a user. This is achieve...
CVE-2023-34800
D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgimain...
Command injection
D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgimain...
PT-2023-3363 · D Link · D-Link Go-Rt-Ac750
Name of the Vulnerable Software and Affected Versions: D-Link Go-RT-AC750 revA v101b03 Description: The issue is related to a command injection vulnerability. It can be exploited via the service parameter at genacgi main, allowing a remote attacker to execute arbitrary commands. The vulnerability...
Dental Clinic Appointment Reservation System 跨站脚本漏洞
Dental Clinic Appointment Reservation System is a Dental Clinic Appointment Reservation System by jkev Personal Developer. A cross-site scripting vulnerability exists in SourceCodester Dental Clinic Appointment Reservation System version 1.0 due to an unknown function in the file /admin/service.p...
Git 注入漏洞
GIT is a revision control system. GIT suffers from a service parameter injection vulnerability that can be exploited by an attacker to execute arbitrary code from a distance...
CVE-2023-26822
D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main...
SUSE CVE-2013-4955
Open redirect vulnerability in the login page in Puppet Enterprise before 3.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the service parameter...
D-LINK DIR 645A1 缓冲区错误漏洞
The D-LINK DIR 645A1 is a wireless router from China-based AUO D-LINK. The D-LINK DIR 645A1 1.06B01Beta01 suffers from a buffer error vulnerability that originates from a stack overflow via the service= variable in the genacgimain function...
PT-2023-14624 · Archibus · Archibus Web Central
Name of the Vulnerable Software and Affected Versions: Archibus Web Central version 2022.03.01.107 Description: An issue was discovered in the application where a service accepts user-controlled parameters to act on the data returned to the user. This allows a basic user to access data unrelated ...
CVE-2022-46588
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sysservice parameter in the setupwizardmydlink sub4104B8 function...
TRENDnet TEW-755AP 缓冲区错误漏洞
The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from a lack of size checking of input data in the sysservice parameter of the setupwizardmydlink sub4104B8 function, which can be exploited by an attacker to execute...
PT-2022-27924 · Trendnet · Trendnet Tew755Ap
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A command injection issue was found in the setup wizard mydlink function, specifically via the sys service parameter in the sub 4104B8 function. Recommendations: For TRENDnet TEW755AP version...
CVE-2022-46588
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sysservice parameter in the setupwizardmydlink sub4104B8 function...