CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/24 7:15 a.m.•15 views

CVE-2026-9363 Edimax EW-7438RPn POST Request formEZCHNwlanSetu formEZCHNwlanSetup command injection

6.5CVSS0.01364EPSS

ATTACKERKB•added 2026/05/24 7:0 a.m.•8 views

CVE-2026-9362

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...

6.5CVSS6.3AI score0.01364EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/05/24 6:0 a.m.•7 views

CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection

A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...

6.5CVSS6.4AI score0.01364EPSS

NVD•added 2026/05/24 2:16 a.m.•12 views

CVE-2026-9347

A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...

6.5CVSS0.01788EPSS

Fedora•added 2026/05/24 1:10 a.m.•9 views

[SECURITY] Fedora 42 Update: evince-48.1-2.fc42

Evince is simple multi-page document viewer. It can display and print Portable Document Format PDF, PostScript PS and Encapsulated PostScript EPS files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents...

8.4CVSS7AI score0.00741EPSS

Exploits0

Cvelist•added 2026/05/24 12:30 a.m.•14 views

CVE-2026-9346 Edimax EW-7438RPn webs formWirelessTbl buffer overflow

A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument submit-url can lead to buffer overflow. The attack may be performed from remote. The exploit has bee...

9CVSS0.00589EPSS

EUVD•added 2026/05/24 12:30 a.m.•9 views

EUVD-2026-31559

9CVSS7.5AI score0.00589EPSS

Cvelist•added 2026/05/24 12:0 a.m.•12 views

CVE-2026-9344 Edimax EW-7438RPn webs formWpsStart stack-based overflow

A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed...

9CVSS0.00589EPSS

Positive Technologies•added 2026/05/24 12:0 a.m.•12 views

PT-2026-42902

6.5CVSS6.2AI score0.01788EPSS

CNNVD•added 2026/05/24 12:0 a.m.•6 views

Edimax BR-6675nD 安全漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a security vulnerability. This vulnerability stems from improper handling of parameters during the formWlSiteSurvey function in the POST Request Handler...

9CVSS7.5AI score0.00589EPSS

NVD•added 2026/05/23 7:16 p.m.•10 views

CVE-2018-25352

WordPress Ultimate Form Builder Lite plugin version 1.3.7 and below contains an SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the entryid POST parameter. Attackers can send POST requests to the admin-ajax.php endpoint...

7.1CVSS0.00275EPSS

NVD•added 2026/05/23 7:16 p.m.•10 views

CVE-2018-25347

WordPress Contact Form Maker Plugin 1.12.20 contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries through the FormMakerSQLMapping and generetecsvfmc AJAX actions. Attackers can inject malicious SQL code via the 'name' and 'searchlabels' parameter...

7.1CVSS0.00275EPSS

NVD•added 2026/05/23 7:16 p.m.•13 views

CVE-2018-25346

WordPress Form Maker Plugin 1.12.24 and below contains SQL injection vulnerabilities that allow authenticated attackers to manipulate database queries by injecting SQL code through the FormMakerSQLMapping and generetecsv actions. Attackers can submit POST requests with malicious SQL payloads in t...

7.1CVSS0.00251EPSS

Exploits0References2

ATTACKERKB•added 2026/05/23 6:30 p.m.•7 views

CVE-2018-25352

EUVD•added 2026/05/23 6:30 p.m.•10 views

EUVD-2018-21872

CVE•added 2026/05/23 6:30 p.m.•13 views

CVE-2018-25352

The CVE-2018-25352 entry concerns the WordPress plugin Ultimate Form Builder Lite (version 1.3.7 and earlier). The vulnerability is a SQL injection in the entry_id parameter, exploitable via POST to admin-ajax.php with the ufbl_get_entry_detail_action action. Authenticated attackers can manipulat...

Vulnrichment•added 2026/05/23 6:30 p.m.•7 views

CVE-2018-25352 WordPress Ultimate Form Builder Lite 1.3.7 SQL Injection via entry_id

CVE•added 2026/05/23 6:30 p.m.•15 views

CVE-2018-25347

The vulnerability affects WordPress WordPress Contact Form Maker Plugin 1.12.20. It exposes SQL injection in the FormMakerSQLMapping and generete_csv_fmc AJAX actions, allowing an authenticated attacker to manipulate database queries via the name and search_labels parameters to potentially extrac...

EUVD•added 2026/05/23 6:30 p.m.•10 views

EUVD-2018-21871