2 matches found
CVE-2019-13375
A SQL Injection was discovered in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication...
D-Link Central WiFi Manager Cross-Site Scripting Vulnerability (CNVD-2018-20464)
D-Link Central WiFi Manager is a WiFi management system from AUO D-Link. A cross-site scripting vulnerability exists in the 'sitename' parameter of the UpdateSite endpoint in versions prior to D-Link Central WiFi Manager 1.03r0100-Beta1. A remote attacker can exploit this vulnerability to inject...