EUVD-2026-8627

A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit ha...

PT-2026-21815

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed...

CVE-2026-3044

A vulnerability has been found in Tenda AC8 16.03.34.06. This affects the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. The manipulation of the argument boundary leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

PT-2026-21639

Name of the Vulnerable Software and Affected Versions DataLinkDC dinky versions up to 1.2.5 Description A flaw exists in DataLinkDC dinky that allows for remote authentication bypass. This is due to a manipulation within the addInterceptors function located in the file...

CVE-2026-2693

A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. This vulnerability affects unknown code of the file /api/system/dashboard/getCount of the component System Info Endpoint. Executing a manipulation can lead to improper authorization. The attack can be launched remotely. The...

PT-2026-8320

A security vulnerability has been detected in LigeroSmart up to 6.1.26. The affected element is an unknown function of the file /otrs/index.pl. Such manipulation of the argument SortBy leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed publicly and...

CVE-2026-2242

A denial of service flaw was found in janet-lang. A local user could exploit this vulnerability by executing a specially crafted manipulation in the janetcif function. This could lead to an out-of-bounds read, potentially causing a denial of service. Mitigation Mitigation for this issue is either...

CVE-2026-2242 janet-lang janet specials.c janetc_if out-of-bounds

A vulnerability was determined in janet-lang janet up to 1.40.1. This impacts the function janetcif of the file src/core/specials.c. Executing a manipulation can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. This...

CVE-2026-2211

A vulnerability was determined in code-projects Online Music Site 1.0. Affected is an unknown function of the file /Administrator/PHP/AdminDeleteCategory.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been publicly...

CVE-2026-2081

A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/setpassword. This manipulation of the argument httppasswd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclos...

EUVD-2026-5661

A security vulnerability has been detected in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The impacted element is an unknown function of the file /wanconnectionstatus.asp of the component DHCP Connection Status Handler. The manipulation leads to information disclosure. Remote exploitation of th...

EUVD-2026-5690

A vulnerability has been found in Sanluan PublicCMS up to 4.0.202506.d/5.202506.d/6.202506.d. Impacted is the function Paid of the file publiccms-parent/publiccms-trade/src/main/java/com/publiccms/logic/service/trade/TradePaymentService.java of the component Trade Payment Handler. The manipulatio...

EUVD-2026-5094

A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized...

CVE-2026-1745 SourceCodester Medical Certificate Generator App cross-site request forgery

A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized...

PT-2026-5310

A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It i...

CVE-2026-1506

The CVE-2026-1506 entry affects D-Link DIR-615, specifically the MAC Filter Configuration component’s file /adv_mac_filter.php. The vulnerability is an OS command injection triggered by manipulating the mac argument, enabling remote execution. The issue is documented across multiple sources (NVD,...

PT-2026-5055

Name of the Vulnerable Software and Affected Versions D-Link DIR-615 version 4.10 Description A flaw exists in the MAC Filter Configuration component of the D-Link DIR-615. Specifically, manipulation of the mac argument in the /adv mac filter.php file can lead to os command injection. This allows...

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

CVE-2026-1178

A security vulnerability has been detected in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /kmf/select.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument folderid leads to sql injection. The attack can be initiated remotely. The...

CVE-2026-0850

A vulnerability was determined in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /admin/deleteactivity.php. Executing a manipulation of the argument activityid can lead to sql injection. The attack may be launched remotely. The exploit has been...