Lucene search
K

87 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-30368

Malicious code in bioql PyPI...

9CVSS8.8AI score0.0099EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/10/03 12:0 a.m.4 views

CVE-2025-57423

A SQL injection vulnerability was discovered in the /articles endpoint of MyClub 0.5, affecting the query parameters Content, GroupName, PersonName, lastUpdate, pool, and title. Due to insufficient input sanitisation, an unauthenticated remote attacker could inject arbitrary SQL commands via a...

7.5AI score0.00425EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/23 12:17 a.m.8 views

CVE-2025-10757

A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated remotely. The exploit has been made available...

9CVSS6.8AI score0.0099EPSS
Exploits1References1
NVD
NVD
added 2025/09/21 12:15 a.m.8 views

CVE-2025-10757

A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated remotely. The exploit has been made available...

9CVSS0.0099EPSS
Exploits1References5
OSV
OSV
added 2025/09/21 12:15 a.m.7 views

CVE-2025-10757

A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated remotely. The exploit has been made available...

8.7CVSS6.2AI score
Exploits0References5
CNNVD
CNNVD
added 2025/09/21 12:0 a.m.15 views

UTT 1200GW 安全漏洞

The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that originates from the failure of the paramet...

9CVSS7.9AI score0.0099EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/09/20 12:0 a.m.13 views

PT-2025-38646

Name of the Vulnerable Software and Affected Versions UTT 1200GW versions prior to 3.0.0-170831 Description A buffer overflow weakness exists in UTT 1200GW. The issue is located in an unknown function within the /goform/formConfigDnsFilterGlobal file. Manipulation of the GroupName argument trigge...

9CVSS8.9AI score0.0099EPSS
Exploits1References9
CNVD
CNVD
added 2025/07/01 12:0 a.m.5 views

UTT HiPER 840G Buffer Overflow Vulnerability (CNVD-2026-00819)

The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...

9CVSS8AI score0.00795EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.4 views

UTT HiPER 840G 安全漏洞

The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...

9CVSS7.8AI score0.00795EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/06/26 12:0 a.m.4 views

PT-2025-27020

Name of the Vulnerable Software and Affected Versions: UTT HiPER 840G versions up to 3.1.1-190328 Description: A critical issue affects the function sub 416928 of the file /goform/formConfigDnsFilterGlobal in the component API. The manipulation of the argument GroupName leads to buffer overflow...

9CVSS8.7AI score0.00795EPSS
Exploits1References12
RedhatCVE
RedhatCVE
added 2025/05/22 4:21 p.m.9 views

CVE-2020-27406

Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...

5.4CVSS6.3AI score0.00733EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 10:2 a.m.10 views

CVE-2019-17116

A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...

6.1CVSS5.5AI score0.01659EPSS
Exploits3References1
CNVD
CNVD
added 2025/04/25 12:0 a.m.6 views

Edimax BR-6478AC formDiskCreateGroup function command execution vulnerability

Edimax BR-6478AC is a dual-band Gigabit router from China Xunzhou Edimax. The Edimax BR-6478AC suffers from a command execution vulnerability that originates from the groupname parameter in /boafrm/formDiskCreateGroup failing to correctly filter construct command special characters, commands, etc...

6.5CVSS7.1AI score0.0766EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.6 views

Edimax BR-6478AC 安全漏洞

Edimax BR-6478AC is a dual-band Gigabit router from China Xunzhou Edimax. The Edimax BR-6478AC suffers from a command execution vulnerability that originates from the groupname parameter in /boafrm/formDiskCreateGroup failing to correctly filter construct command special characters, commands, etc...

6.5CVSS7.3AI score0.0766EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/04/15 12:0 a.m.7 views

PT-2025-16346

Name of the Vulnerable Software and Affected Versions Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC version V3 1.0.15 Description A command injection issue was discovered via the groupname at the "/boafrm/formDiskCreateGroup" API endpoint. This allows for potential exploitation...

6.5CVSS5.8AI score0.0766EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/01/15 12:0 a.m.6 views

Tenda PA6 安全漏洞

Tenda PA6 Wi-Fi Powerline extender is a wireless network range extender from Tenda China. A buffer overflow vulnerability exists in Tenda PA6 version 1.0.1.21, which originates from the groupName parameter of the cgiPortMapAdd function in the /portmap file that fails to correctly validate the...

9.8CVSS8.2AI score0.00979EPSS
Exploits0References4
Huntr
Huntr
added 2022/01/27 2:45 a.m.13 views

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

Description Stored XSS is found in SettingsLive help configurationDepartments-Departments groups-edit When a user creates a new webhook under the NAME field and puts a payload constructor.constructor'alert1', the input gets stored, at user edit groupname , the payload gets executed. Proof of...

3.5CVSS0.00634EPSS
Exploits1References1
OSV
OSV
added 2021/11/02 11:15 a.m.3 views

CVE-2020-27406

Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...

5.4CVSS6.3AI score0.00733EPSS
Exploits1References2
NVD
NVD
added 2021/11/02 11:15 a.m.13 views

CVE-2020-27406

Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...

5.4CVSS0.00733EPSS
Exploits1References1
Prion
Prion
added 2021/11/02 11:15 a.m.13 views

Cross site scripting

Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...

3.5CVSS5.5AI score0.00733EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder