Enviar #501351: D-Link DIR-816 1.01TO Cross Site Scriptinginformación

TítuloD-Link DIR-816 1.01TO Cross Site Scripting
DescripciónIn the 'cgi-bin/webproc' directory within the user account, there is an unrestricted stored Cross-Site Scripting (XSS) vulnerability and injection attacks on the 'SSID' parameter of the "D-Link DIR-816" system. This function executes the user parameter without restrictions. To view the script in action, simply access the 'Setup' directory. Malicious attackers can exploit this vulnerability to obtain sensitive information from clients.
Fuente⚠️ http://x.x.x.x:8080/cgi-bin/webproc?getpage=html/index.html&var:menu=24gwlan&var:page=24G_basic
Usuario
 Fergod (UID 55882)
Sumisión2025-02-14 18:00 (hace 1 Año)
Moderación2025-02-17 11:10 (3 days later)
EstadoAceptado
Entrada de VulDB296023 [D-Link DIR-816 1.01TO index.html&var:menu=24gwlan&var:page=24G_basic SSID secuencias de comandos en sitios cruzados]
Puntos20

Do you need the next level of professionalism?

Upgrade your account now!