32 matches found

EUVD
added 2026/05/23 10:0 a.m. | 5 views

EUVD-2026-31531

A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument...

CVSS 6.5 | AI score 6.4 | EPSS 0.01409
Exploits: 0 | References: 4

EUVD
added 2026/05/19 9:3 p.m. | 5 views

EUVD-2026-30984

CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer public/installer/index.php is vulnerable to unauthenticated Remote Code Execution (RCE) because it performs the install.lock check only after including and executing form handler...

CVSS 10 | AI score 6.2 | EPSS 0.00091
Exploits: 1 | References: 2

Snyk
added 2026/05/05 4:32 p.m. | 3 views

Open Redirect

Overview: Affected versions of this package are vulnerable to Open Redirect through the LoginFormHandler in the login handler. An attacker can send a crafted /login request with a protocol-relative redirect target beginning with // to make the application redirect a victim to an external site afte...

CVSS 6.3 | AI score 5.7 | EPSS 0.0001
Exploits: 1 | References: 2

NVD
added 2026/03/09 10:16 a.m. | 1 views

CVE-2026-3813

A vulnerability was identified in opencc JFlow up to 5badc00db382d7cb82dad231e6a866b18e0addfe. Affected by this vulnerability is the function Calculate of the file src/main/java/bp/wf/httphandler/WFCCForm.java. Such manipulation leads to injection. The attack may be performed from remote. The...

CVSS 9.8 | EPSS 0.00053
Exploits: 1 | References: 5

RedhatCVE
added 2026/03/09 8:2 a.m. | 3 views

CVE-2026-3701

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function EditBasicSSID5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclos...

CVSS 9 | AI score 6.2 | EPSS 0.00106
Exploits: 1 | References: 1

Snyk
added 2026/02/28 2:4 a.m. | 1 views

Allocation of Resources Without Limits or Throttling

Overview: @sveltejs/kit is a SvelteKit framework and CLI. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the deserializebinaryform function in the remote form handler. An attacker can exhaust application resources by sending crafted bina...

CVSS 6.3 | AI score 6
Exploits: 0 | References: 2

RedhatCVE
added 2026/01/27 9:23 a.m. | 4 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVSS 7.2 | AI score 5.6 | EPSS 0.00079
Exploits: 1 | References: 1

EUVD
added 2026/01/26 4:32 a.m. | 4 views

EUVD-2026-4699

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVSS 5.8 | AI score 5.6 | EPSS 0.00079
Exploits: 1 | References: 5

CVE
added 2026/01/26 4:32 a.m. | 8 views

CVE-2026-1419

CVE-2026-1419 affects D-Link DCS700l 1.03.09. The issue is a command-injection in the Web Form Handler’s setDayNightMode, triggered by manipulating LightSensorControl. It can be exploited remotely and exploit code is publicly available. Affected component, root cause, and impact are described; no...

CVSS 7.2 | AI score 5.4 | EPSS 0.00079
Exploits: 1 | References: 5 | Affected Software: 1

ATTACKERKB
added 2026/01/26 4:32 a.m. | 2 views

CVE-2026-1419

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVSS 5.8 | AI score 5.6 | EPSS 0.00079
Exploits: 1 | References: 5 | Affected Software: 1

Positive Technologies
added 2026/01/26 12:0 a.m. | 2 views

PT-2026-4722

A weakness has been identified in D-Link DCS700l 1.03.09. Affected is an unknown function of the file /setDayNightMode of the component Web Form Handler. Executing a manipulation of the argument LightSensorControl can lead to command injection. The attack may be launched remotely. The exploit has...

CVSS 5.8 | AI score 5.6 | EPSS 0.00079
Exploits: 1 | References: 6

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-27936

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.4 | EPSS 0.00205
Exploits: 0 | References: 4

NVD
added 2025/09/17 2:15 a.m. | 1 views

CVE-2025-9891

The User Sync – Remote User Sync plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.2. This is due to missing or incorrect nonce validation on the mousersyncformhandler function. This makes it possible for unauthenticated attackers to...

CVSS 4.3 | EPSS 0.00018
Exploits: 0 | References: 3

Vulnrichment
added 2025/06/26 2:6 a.m. | 3 views

CVE-2025-3863 Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function

The Post Carousel Slider for Elementor plugin for WordPress is vulnerable to improper authorization due to a missing capability check on the process_wbelps_promo_form function in all versions up to, and including, 1.6.0. This makes it possible for authenticated attackers, with Subscriber-level acces...

CVSS 4.3 | AI score 6.9 | EPSS 0.00205
Exploits: 0 | References: 4

CNNVD
added 2025/06/20 12:0 a.m. | 2 views

Edimax EW-7438RPn Security Vulnerability

Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.13 and earlier, which stems from the mp.asp form handler not handling command parameters correctly, which could lead to an OS command injecti...

CVSS 9.4 | AI score 7.2 | EPSS 0.04316
Exploits: 1 | References: 5

OSV
added 2025/06/06 4:15 p.m. | 2 views

CVE-2025-5785

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formWirelessTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack ma...

CVSS 6.5 | AI score 6.5 | EPSS 0.0167
Exploits: 0 | References: 5

OSV
added 2025/06/06 8:15 a.m. | 1 views

CVE-2025-5734

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The atta...

CVSS 8.7 | AI score 6.5
Exploits: 0 | References: 5

RedhatCVE
added 2025/04/10 5:50 a.m. | 4 views

CVE-2025-3403

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...

CVSS 5.1 | AI score 6.3 | EPSS 0.00395
Exploits: 0 | References: 1

NVD
added 2025/04/08 3:15 a.m. | 2 views

CVE-2025-3403

A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It i...

CVSS 5.1 | EPSS 0.00395
Exploits: 0 | References: 4

CVE
added 2025/04/08 3:0 a.m. | 47 views

CVE-2025-3403

CVE-2025-3403 affects Vivotek NVR ND8422P, ND9525P and ND9541P running versions 2.4.0.204/3.3.0.104/4.2.0.101. The vulnerability is in the HTML Form Handler component and is caused by a manipulation that leads to inclusion of sensitive information in the source code. It is possible to launch the ...

CVSS 5.1 | AI score 6.4 | EPSS 0.00395
Exploits: 0 | References: 4