A SQL Injection exists in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 in PayAction.class.php with the index.php/Pay/passcodeAuth parameter passcode. The vulnerability does not need any authentication.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dlink central_wifimanager 1.03 |