52 matches found
CVE-2025-14910
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...
EUVD-2025-204431
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...
CVE-2025-14910 Edimax BR-6208AC FTP Daemon Service handle_retr path traversal
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product is...
PT-2025-52401
A vulnerability was detected in Edimax BR-6208AC 1.02. This impacts the function handle_retr of the component FTP Daemon Service. The manipulation results in path traversal. The attack may be launched remotely. The exploit is now public and may be used. Edimax confirms this issue: "This product i...
PT-2025-3799 · Code Projects · Travel Management System
Name of the Vulnerable Software and Affected Versions: code-projects Travel Management System version 1.0 Description: A critical issue has been found in the Travel Management System, affecting some unknown processing of the file /enquiry.php. The manipulation of the argument...
PT-2024-17808 · Unknown · Code-Projects Simple Admin Panel
Name of the Vulnerable Software and Affected Versions: code-projects Simple Admin Panel version 1.0 Description: A critical vulnerability has been found in the file updateOrderStatus.php, affecting an unknown functionality. The manipulation of the record argument leads to SQL injection. The attac...
PT-2024-17811 · Unknown · 1000 Projects Attendance Tracking Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Attendance Tracking Management System version 1.0 Description: A critical vulnerability has been found in the 1000 Projects Attendance Tracking Management System. This issue affects unknown code of the file /admin/student...
PT-2024-35728 · Unknown · Car Rental Management System
Name of the Vulnerable Software and Affected Versions: Car Rental Management System versions 1.0 through 1.3 Description: The issue allows attackers to execute arbitrary code via uploading a crafted file, exploiting an authenticated arbitrary file upload vulnerability. Recommendations: For versio...
PT-2024-25456 · Levelone · Levelone Wbr-6012
Name of the Vulnerable Software and Affected Versions: LevelOne WBR-6012 router firmware version R0.40e6 Description: The issue is related to an input validation vulnerability within the FTP functionality, allowing attackers to cause a denial of service through a series of malformed FTP commands...
PT-2024-34201 · WordPress · Surveyjs: Drag & Drop Wordpress Form Builder
Name of the Vulnerable Software and Affected Versions: SurveyJS: Drag & Drop WordPress Form Builder versions 1.9.136 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability. This means that the software may allow uploading files of dangero...
PT-2024-33352 · Unknown · Feed Comments Number
Name of the Vulnerable Software and Affected Versions: Feed Comments Number versions 0.2.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading malicious files,...
PT-2024-33217 · Dycms · Dycms
Name of the Vulnerable Software and Affected Versions: DYCMS Open-Source Version v2.0.9.41 Description: The issue allows a remote attacker to execute arbitrary code via the application only detecting the extension of image files in the front-end. This weakness lets a remote attacker run any code...
PT-2024-38928 · Unknown · Dingfanzu Cms
Name of the Vulnerable Software and Affected Versions: dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c Description: A critical vulnerability has been found in dingfanzu CMS, affecting an unknown part of the file /ajax/getBasicInfo.php. The manipulation of the username argument leads ...
PT-2024-31512 · Byob · Byob
Name of the Vulnerable Software and Affected Versions: BYOB Build Your Own Botnet version 2.0 Description: An arbitrary file write issue in the exfiltration endpoint allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted...
PT-2024-26566 · Xintongda · Xintongda Oa
Name of the Vulnerable Software and Affected Versions: Xintongda OA version 2023.12.30.1 Description: The issue is related to an arbitrary file upload vulnerability in the File Preview function, allowing attackers to execute arbitrary code by uploading a crafted PDF file. Recommendations: For...
PT-2024-22868 · Mozilocms · Mozilocms
Name of the Vulnerable Software and Affected Versions: moziloCMS version 2.0 Description: The issue allows attackers to bypass file upload restrictions, potentially leading to unauthorized file execution or storage of malicious content. This is achieved by renaming files, which can result in the...
PT-2024-21098 · Sourcecodester · Sourcecodester Employee Task Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Employee Task Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Employee Task Management System, affecting an unknown part of the file /edit-task.php. The manipulation leads to...
PT-2024-18335 · Unknown · Code-Projects Crime Reporting System
Name of the Vulnerable Software and Affected Versions: code-projects Crime Reporting System version 1.0 Description: A critical issue has been found in the code-projects Crime Reporting System, affecting the file inchargelogin.php. The manipulation of the email and password arguments leads to SQL...
PT-2024-20420 · Unknown · Daily Habit Tracker
Name of the Vulnerable Software and Affected Versions: Daily Habit Tracker version 1.0 Description: The issue allows a remote attacker to execute arbitrary code via a crafted GET request. This is due to a SQL Injection vulnerability in the delete-tracker.php file. Recommendations: For Daily Habit...