2 matches found
CVE-2014-3760
CVE-2014-3760 applies to D-Link DAP-1150 firmware 1.2.94, where multiple CSRF flaws allow remote attackers to hijack administrator sessions and perform actions via index.cgi in the Firewall/DMZ and Control/URL-filter sections (e.g., enabling/disabling DMZ or adding/modifying/deleting URL-filter r...
CVE-2014-3761
The CVE-2014-3761 entry describes a Cross-site scripting (XSS) vulnerability in the D-Link DAP-1150, affected firmware 1.2.94. The issue is triggered by a crafted value in the res_buf parameter sent to index.cgi within the Control/URL-filter section, enabling remote attackers to inject arbitrary ...