CVE

Id
67336  
CVE No.
CVE-2013-7389  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.  
Phase
Assigned (20140707)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
649502 67336 CVE-2013-7389 MISC:http://roberto.greyhats.it/advisories/20130801-dlink-dir645.txt  View
649503 67336 CVE-2013-7389 CONFIRM:http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10008  View
649504 67336 CVE-2013-7389 BID:61579  View
649505 67336 CVE-2013-7389 URL:http://www.securityfocus.com/bid/61579  View
649506 67336 CVE-2013-7389 OSVDB:95910  View
649507 67336 CVE-2013-7389 URL:http://osvdb.org/show/osvdb/95910  View
649508 67336 CVE-2013-7389 OSVDB:95952  View
649509 67336 CVE-2013-7389 URL:http://osvdb.org/show/osvdb/95952  View
649510 67336 CVE-2013-7389 OSVDB:95953  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
25053 JVNDB-2013-006628 Splunk の "runshellscript echo.sh" スクリプトにおける任意のコマンドを実行される脆弱性 Splunk の "runshellscript echo.sh" スクリプトには、任意のコマンドを実行される脆弱性が存在します。 CVE-2013-7394 67336 9 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006628.html  View