CVE-2026-1625

A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument actionvalue results in command injection. The attack may be initiated remotely. The...

CVE-2026-1625

A vulnerability was detected in D-Link DWR-M961 1.1.47. The impacted element is the function sub4250E0 of the file /boafrm/formSmsManage of the component SMS Message. Performing a manipulation of the argument actionvalue results in command injection. The attack may be initiated remotely. The...

CVE-2026-1596

A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fotaurl causes command injection. The attack is possible to be carried out remotely. The exploit has been published a...

PT-2026-5365

Name of the Vulnerable Software and Affected Versions D-Link DWR-M961 version 1.1.47 Description A security issue exists in D-Link DWR-M961 version 1.1.47. Manipulation of the fota url argument within an unknown function of the /boafrm/formLtefotaUpgradeFibocom file can lead to command injection...

D-Link DWR-M961 has a command injection vulnerability

The D-Link DWR-M961 is a router produced by D-Link Corporation. Version 1.1.47 of the D-Link DWR-M961 contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter fotaurl in the file /boafrm/formLtefotaUpgradeQuectel, which may lead to command...

Cross site scripting

Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

CVE-2017-10837

Cross-site scripting vulnerability in BackupGuard prior to version 1.1.47 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

WordPress BackupGuard Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . BackupGuard is one of the site backup and recovery plug-ins . A cross-site scripting vulnerability exists in versio...

JVN#58559719: WordPress plugin "BackupGuard" vulnerable to cross-site scripting

The WordPress plugin "BackupGuard" provided by BackupGuard contains a reflected cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the...

WordPress Contact Form To Email 1.1.47 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Contact Form to Email WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016...

DEBIAN-CVE-2008-0808

Cross-site scripting XSS vulnerability in the meta plugin in Ikiwiki before 1.1.47 allows remote attackers to inject arbitrary web script or HTML via meta tags...