First published: Mon Jul 07 2014(Updated: )
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DIR-645 Router (Rev. A1) with firmware before 1.04B11 allow remote attackers to inject arbitrary web script or HTML via the (1) deviceid parameter to parentalcontrols/bind.php, (2) RESULT parameter to info.php, or (3) receiver parameter to bsc_sms_send.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dlink Dir-645 Firmware | <=1.03 | |
Dlink Dir-645 | =a1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.