CVE-2026-2962

CVE-2026-2962 affects D-Link DWR-M960 (firmware 1.01.07). The flaw resides in the function sub_460F30 of the file /boafrm/formDateReboot within the Scheduled Reboot Configuration Endpoint. Manipulating the submit-url argument triggers a stack-based buffer overflow, allowing a remote attacker to p...

CVE-2026-2853

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

CVE-2004-2438

Cross-site scripting XSS vulnerability in PHP-Fusion 4.01 allows remote attackers to inject arbitrary web script or HTML via the 1 Submit News, 2 Submit Link or 3 Submit Article field...

CVE-2004-2438

PHP-Fusion 4.01 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the Submit News, Submit Link, or Submit Article fields. The CVE-2004-2438 entry documents this XSS issue across multiple input points but provides limi...