CVE-2026-10121

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keywordlist/keyword causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploi...

CVE-2026-10121

creationtimestamp| type| source ---|---|--- 2026-05-30 17:00:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mn3jn3k2yj26 2026-05-30 18:03:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mn3n6fjhzf2u...

CVE-2025-10121

A flaw has been found in uverif up to 3.2. This affects the function addbatch of the file /admin/kamilist. This manipulation of the argument note causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2025-10121 uverif kami_list addbatch sql injection

A flaw has been found in uverif up to 3.2. This affects the function addbatch of the file /admin/kamilist. This manipulation of the argument note causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVE-2019-10121

eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via the user authentication dialogue, aka HMCCU-153. This leads to automatic login as admin...

CVE-2018-10121

plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the title section of an admin/index.php?id=pages=editpage=error404 aka Edit 404 page action...

CVE-2024-10121

A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../ leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclos...

CVE-2024-10121

creationtimestamp| type| source ---|---|--- 2024-10-18 21:55:59+00:00| seen| https://t.me/cvedetector/8340...

CVE-2024-10121

A vulnerability was found in wfh45678 Radar up to 1.0.8 and classified as critical. This issue affects some unknown processing of the component Interface Handler. The manipulation with the input /../ leads to authorization bypass. The attack may be initiated remotely. The exploit has been disclos...

CVE-2024-10121

CVE-2024-10121 affects wfh45678 Radar up to version 1.0.8, targeting the Interface Handler. The issue allows remote authorization bypass via manipulation of the input /../, with the vulnerability not classified as path traversal. Multiple sources confirm the impact as an authorization bypass affe...

CVE-2015-10121

creationtimestamp| type| source ---|---|--- 2023-07-10 20:23:57+00:00| seen| https://t.me/cibsecurity/66254...

CVE-2015-10121 Beeliked Microsite Plugin beelikedmicrosite.php embed_handler cross site scripting

A vulnerability has been found in Beeliked Microsite Plugin up to 1.0.1 on WordPress and classified as problematic. Affected by this vulnerability is the function embedhandler of the file beelikedmicrosite.php. The manipulation leads to cross site scripting. The attack can be launched remotely...

CVE-2015-10121

CVE-2015-10121 affects Beeliked Microsite Plugin for WordPress up to version 1.0.1, with the vulnerability in the embed_handler of beelikedmicrosite.php leading to cross-site scripting. The attack is described as remote. Upgrading to version 1.0.2 patches the issue (patch id d23bafb5d05fb2636a2b7...

CVE-2020-10121

CVE-2020-10121 affects cPanel prior to 84.0.20. The description from multiple sources states that a demo account can achieve code execution via the PassengerApps APIs (SEC-546). The Red Hat, CNVD, NVD, and CVE listings corroborate the same flaw; no explicit root-cause details or exploit scripts a...

CVE-2020-10121

cPanel before 84.0.20 allows a demo account to achieve code execution via PassengerApps APIs SEC-546...

CVE-2019-10121

eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for authentication but lack authorization checks. An attacker can obtain a session ID via the user authentication dialogue, aka HMCCU-153. This leads to automatic login as admin...

CVE-2019-10121

CVE-2019-10121 affects eQ-3 HomeMatic CCU2 (before 2.41.8) and CCU3 (before 3.43.15): authentication uses session IDs without proper authorization checks, allowing an attacker to get an admin session via the user authentication dialogue (HMCCU-153). Mitigations/patches exist in the vendor changel...

Photon OS 1.0: Openjre PHSA-2017-0026

An update of the openjre package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0026. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121719;...

Google Android has an unspecified vulnerability (CNVD-2018-10121)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm FSM9055 and other central processing unit CPU products from Qualcomm for different platforms. A security vulnerability exists in the Qualcomm closed-source component ...

CVE-2018-10121

Affected software: Monstra CMS 3.0.4 (admin/pages). Vulnerability: stored XSS in plugins/box/pages/pages.admin.php when an attacker with editor role submits a payload in the title during the Edit 404 page action (admin/index.php?id=pages&action=edit_page&name=error404). Root cause: input in the t...