5.1
CVE-2015-20115 - RealtyScript 4.0.2 Stored Cross-Site Scripting via File Upload Parameter
Next Click Ventures RealtyScript 4.0.2 fails to properly sanitize file uploads, allowing attackers to store malicious scripts through the file POST parameter in admin/tools.php. Attackers can upload files containing JavaScript code that executes in the context of admin/tools.php when accessed by otβ¦
5.1
CVE-2015-20114 - RealtyScript 4.0.2 Cross-Site Scripting via Multiple Parameters
Next Click Ventures RealtyScript 4.0.2 contains a cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious input through multiple parameters that are not properly sanitized. Attackers can craft requests with injected script payloads iβ¦
6.9
CVE-2015-20113 - RealtyScript 4.0.2 Multiple Cross-Site Request Forgery and Persistent Cross-Site Scripting Vulnerabβ¦
Next Click Ventures RealtyScript 4.0.2 contains cross-site request forgery and persistent cross-site scripting vulnerabilities that allow attackers to perform administrative actions and inject malicious scripts. Attackers can craft malicious web pages that execute unauthorized actions when logged-iβ¦
8.7
CVE-2013-20006 - Qool CMS Multiple Persistent Cross-Site Scripting Vulnerabilities
Qool CMS contains multiple persistent cross-site scripting vulnerabilities in several administrative scripts where POST parameters are not properly sanitized before being stored and returned to users. Attackers can inject malicious JavaScript code through parameters like 'title', 'name', 'email', 'β¦
6.9
CVE-2013-20005 - Qool CMS 2.0 RC2 Cross-Site Request Forgery via adduser
Qool CMS 2.0 RC2 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions by tricking logged-in users into visiting malicious web pages. Attackers can forge POST requests to the /admin/adduser endpoint with parameters like username, password, emailβ¦
5.3
CVE-2026-4185 - GPAC MP4Box swf_parse.c swf_def_bits_jpeg stack-based overflow
A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box. The manipulation of the argument szName results in stack-based buffer overflow. It is possible to lβ¦
9.3
CVE-2026-4184 - D-Link DIR-816 goahead form2Wl5BasicSetup.cgi stack-based overflow
A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an unknown functionality of the file /goform/form2Wl5BasicSetup.cgi of the component goahead. Performing a manipulation of the argument pskValue results in stack-based buffer overflow. The attack is possibleβ¦
9.3
CVE-2026-4183 - D-Link DIR-816 goahead form2WlanBasicSetup.cgi stack-based overflow
A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The expβ¦
9.3
CVE-2026-4182 - D-Link DIR-816 goahead form2Wl5RepeaterStep2.cgi stack-based overflow
A weakness has been identified in D-Link DIR-816 1.10CNB05. This impacts an unknown function of the file /goform/form2Wl5RepeaterStep2.cgi of the component goahead. This manipulation of the argument key1/key2/key3/key4/pskValue causes stack-based buffer overflow. Remote exploitation of the attack iβ¦
9.3
CVE-2026-4181 - D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-based overflow
A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack may be launched remβ¦