Page 2 of 7 results (0.005 seconds)

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to inject JavaScript into the "Status -> Active Client Table" page via the hostname field in a DHCP request. Vulnerabilidad Cross-Site Scripting (XSS) en routers D-Link DIR-615 20.07 permite que un atacante inyecte JavaScript en la página "Status -> Active Client Table" mediante el campo hostname en una petición DHCP. • https://github.com/reevesrs24/cve/blob/master/D-Link_DIR-615/xss_DHCP/dlink_dir615_xss_dhcp.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 3

D-Link DIR-615 T1 devices allow XSS via the Add User feature. Los dispositivos D-Link DIR-615 T1 permiten Cross-Site Scripting (XSS) mediante la característica Add User. The D-Link DIR-615 wireless router suffers from a persistent cross site scripting vulnerability. • https://www.exploit-db.com/exploits/44473 http://packetstormsecurity.com/files/147184/D-Link-DIR-615-Cross-Site-Scripting.html https://hacksayan.wordpress.com/d-link-dir-615-wireless-router-persistent-cross-site-scripting-xss • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •