4 matches found
CVE-2025-60550
D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime parameter in the function formEasySetTimezone...
Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution
This module exploits a command injection vulnerability in Grandstream GXV31XX IP multimedia phones. The 'settimezone' action does not validate input in the 'timezone' parameter allowing injection of arbitrary commands. A buffer overflow in the 'phonecookie' cookie parsing allows authentication to...
Grandstream GXV3175 'settimezone' Unauthenticated Command Execution
This module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The 'settimezone' action does not validate input in the 'timezone' parameter allowing injection of arbitrary commands. A buffer overflow in the 'phonecookie' cookie parsing allows authentication to...
Multiple CSRF vulnerabilities - ownCloud
Multiple cross-site request forgery CSRF vulnerabilities in ownCloud 4.5.6 and 4.0.11 and all prior versions before allows remote attackers to hijack the authentication for users via the “lat” and “lng” POST parameters to guesstimezone.php in /apps/calendar/ajax/settings/ CVE-2013-0299 Commits:...