11 matches found
CVE-2024-33111
D-Link DIR-845L router =v1.01KRb03 is vulnerable to Cross Site Scripting (XSS) via /htdocs/webinc/js/bscsmsinbox.php...
CVE-2020-25786
webinc/js/info.php on D-Link DIR-816L 2.06.B09BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: this is typically not exploitable because of URL encoding except in Internet...
CVE-2020-15895
An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the webpage...
CVE-2020-15895
An XSS issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. In the file webinc/js/info.php, no output filtration is applied to the RESULT parameter, before it's printed on the webpage...
PT-2020-14693 · D Link · Dir-816
Name of the Vulnerable Software and Affected Versions: D-Link DIR-816L devices versions 2.x before 1.10b04Beta02
Description: A security issue was found where an XSS problem exists due to a lack of output filtration applied to the RESULT parameter in the file webinc/js/info.php, which is then...
CVE-2018-10107
D-Link DIR-815 REV. B with firmware through DIR-815REVBFIRMWAREPATCH2.07.B01 devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php...
Design/Logic Flaw
D-Link DIR-815 REV. B with firmware through DIR-815REVBFIRMWAREPATCH2.07.B01 devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php...
Design/Logic Flaw
D-Link DIR-815 REV. B with firmware through DIR-815REVBFIRMWAREPATCH2.07.B01 devices have XSS in the Treturn parameter to /htdocs/webinc/js/bscsmsinbox.php...
CVE-2018-6529
XSS vulnerability in htdocs/webinc/js/bscsmsinbox.php in D-Link DIR-868L DIR868LA1FW112b04 and previous versions, DIR-865L DIR-865LREVAFIRMWAREPATCH1.08.B01 and previous versions, and DIR-860L DIR860LA1FW110b04 and previous versions allows remote attackers to read a cookie via a crafted Treturn...
CVE-2018-6528
CVE-2018-6528 refers to an XSS flaw in D-Link DIR-860L/865L/868L routers (bsc_sms_send.php) that allows a remote attacker to read cookies via a crafted receiver parameter to soap.cgi. Root cause: improper input validation in htdocs/webinc/body/bsc_sms_send.php. Affected firmware versions include ...
CVE-2008-2686
CVE-2008-2686 affects Flux CMS up to version 1.5.0 and earlier. The flaw allows remote code execution by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, followed by a direct request for the crafted filename. The NVD entry do...