|Max CVSS||8.3||Min CVSS||4.3||Total Count||5|
|ID||CVSS||Summary||Last (major) update||Published|
The RealTime RWR-3G-100 Router Firmware Version : Ver1.0.56 is affected by CSRF an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
|14-08-2017 - 16:29||14-08-2017 - 16:29|
Aries QWR-1104 Wireless-N Router with Firmware Version WRC.253.2.0913 has XSS on the Wireless Site Survey page, exploitable with the name of an access point.
|28-05-2017 - 14:29||28-05-2017 - 14:29|
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
|21-05-2017 - 14:29||21-05-2017 - 14:29|
login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.
|21-05-2017 - 00:29||21-05-2017 - 00:29|
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.
|19-05-2017 - 11:29||19-05-2017 - 11:29|