Enviar #628334: D-link DIR-818LW Firmware version: 1.04 Firmware version: 1.04 Cross Site Scriptinginformación

TítuloD-link DIR-818LW Firmware version: 1.04 Firmware version: 1.04 Cross Site Scripting
DescripciónIn the 'bsc_lan.php' file, in the parameter 'Name' an unrestricted Cross-Site Scripting (XSS) vulnerability and injection attacks exist in the "D-link DIR-818LW", specifically targeting the 'Name' parameter in 'DHCP reserved address' . The function executes the user-supplied parameter without validation. Malicious attackers can leverage this vulnerability to access sensitive client information. script: <img/src/onerror=prompt(8)>
Fuente⚠️ http://x.x.x.x:1080/bsc_lan.php
Usuario
 Edcarlos (UID 53778)
Sumisión2025-08-04 19:39 (hace 9 meses)
Moderación2025-08-13 21:07 (9 days later)
EstadoAceptado
Entrada de VulDB320032 [D-Link DIR-818LW 1.04 DHCP Reserved Address /bsc_lan.php Nombre secuencias de comandos en sitios cruzados]
Puntos17

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!