EUVD-2026-17107

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

PT-2026-29045

Name of the Vulnerable Software and Affected Versions ZTE ZXHN H188A versions V6.0.10P2 TE through V6.0.10P3N3 TE Description An issue exists that allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface. These credentials...

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

CVE-2026-34472

CVE-2026-34472 affects ZTE ZXHN H188A routers with firmware versions V6.0.10P2_TE and V6.0.10P3N3_TE. An unauthenticated attacker on the local network can access the router’s web management wizard interface to disclose sensitive credentials (default administrator password, WLAN PSK, PPPoE credent...

Cross site scripting

A vulnerability was found in UDX Stateless Media Plugin 3.1.1 on WordPress. It has been declared as problematic. This vulnerability affects the function setupwizardinterface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The...

CVE-2022-4905 UDX Stateless Media Plugin class-settings.php setup_wizard_interface cross site scripting

A vulnerability was found in UDX Stateless Media Plugin 3.1.1 on WordPress. It has been declared as problematic. This vulnerability affects the function setupwizardinterface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The...

WordPress plugin UDX Stateless Media Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin UDX Stateless Media Plugin...

PT-2023-15913 · Unknown · Udx Stateless Media Plugin

Name of the Vulnerable Software and Affected Versions: UDX Stateless Media Plugin version 3.1.1 Description: A vulnerability was found in the UDX Stateless Media Plugin. It affects the setup wizard interface function of the file lib/classes/class-settings.php. The manipulation of the settings...

commix

This is a PoC exploit for command injection attacks, specifically targeting web-based applications. The tool, named Commix, is designed to automate the process of testing web applications for command injection vulnerabilities. It can be used by web developers, penetration testers, or security...

Reconnaissance Swiss Army Knife: ReconDog

Main Features Wizard + CLA interface Can extracts targets from STDIN piped input and act upon them All the information is extracted with APIs, no direct contact is made to the target Utilities Censys : Uses censys.io to gather massive amount of information about an IP address. NS Lookup : Does na...