Lucene search
K

25076 matches found

Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.2 views

CVE-2025-70239

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard55...

6.1AI score0.00606EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/03 12:0 a.m.5 views

PT-2026-22727

The WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form submission data in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping. This makes it possib...

7.2CVSS6AI score0.00235EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.6 views

WordPress plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.2CVSS5.9AI score0.00235EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/03 12:0 a.m.23 views

CVE-2025-70239

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard55...

0.00606EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/03 12:0 a.m.5 views

EUVD-2025-208265

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard55...

6.1AI score0.00606EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.10 views

Django 安全漏洞

Django is a Python-based open-source web framework developed by the Django Foundation. This framework includes an object-oriented mapper, view system, template system, etc. Versions of Django prior to 6.0.3, 5.2.12, and 4.2.29 contained security vulnerabilities. These vulnerabilities stemmed from...

7.5CVSS5.8AI score0.00734EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/03 12:0 a.m.6 views

EUVD-2025-208247

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

7.5CVSS6.3AI score0.00738EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/03 12:0 a.m.18 views

CVE-2025-70234

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetQoS...

0.00699EPSS
Exploits1References3
CVE
CVE
added 2026/03/03 12:0 a.m.13 views

CVE-2025-70237

CVE-2025-70237 affects D-Link DIR-513 (v1.10). The issue is a stack buffer overflow in the handling of the curTime parameter passed to goform/formSetPortTr, allowing potential control-flow disruption. Multiple sources describe this vulnerability as enabling arbitrary code execution or a denial of...

9.8CVSS6.1AI score0.00714EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.4 views

CVE-2025-70241

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANTypeWizard5...

6.1AI score0.00587EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.3 views

CVE-2025-70240

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard51...

6.1AI score0.00716EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/02 8:14 p.m.3 views

Open Redirect

Overview Products.isurlinportal is a replacement for isURLInPortal method in Plone. Affected versions of this package are vulnerable to Open Redirect via the login form. An attacker can cause users to be redirected to an external website by crafting a URL with more than two forward slashes in the...

8CVSS5.7AI score0.00227EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/02 10:52 a.m.5 views

CVE-2026-2359

A flaw was found in Multer, a Node.js middleware for handling multipart/form-data. A remote attacker can exploit this vulnerability by intentionally dropping a connection during a file upload. This can lead to a Denial of Service DoS due to resource exhaustion on the affected system...

8.7CVSS5.9AI score0.00663EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/03/02 6:45 a.m.3 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
Patchstack
Patchstack
added 2026/03/02 6:45 a.m.6 views

WordPress CP Contact Form with Paypal plugin <= 1.3.61 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin CP Contact Form with Paypal versions = 1.3.61...

8.5CVSS5.9AI score0.00225EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/02 2:56 a.m.6 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/03/02 1:34 a.m.7 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/03/02 1:22 a.m.4 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/03/02 12:0 a.m.2 views

CVE-2026-24101

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18multi. When the condition is met, s11 will be passed into subB0488, concatenated into doSystemCmd. The value of s11 is not validated, potentially leading to a command injection vulnerability...

5.9AI score0.01671EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2026/03/02 12:0 a.m.161 views

📄 WordPress MPMF Plugin 1.0.2 Shell Upload

This Metasploit module exploits an unauthenticated file upload vulnerability in WordPress Multi‑Purpose Multi‑Form MPMF plugin version 1.0.2. By abusing a vulnerable AJAX action exposed via admin-ajax.php, an attacker can upload a crafted PHP file and trigger its execution to obtain remote code...

10CVSS6.5AI score0.00611EPSS
Exploits2
Rows per page
Query Builder