Vulnerabilities > Totolink
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-11-26 | CVE-2018-13310 | Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's username. | 6.1 |
2018-11-26 | CVE-2018-13309 | Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript via the user's password. | 6.1 |
2018-11-26 | CVE-2018-13308 | Cross-site Scripting vulnerability in Totolink A3002Ru Firmware 1.0.8 Cross-site scripting in notice_gen.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to execute arbitrary JavaScript by modifying the "User phrases button" field. | 6.1 |