87 matches found
EUVD-2025-30368
Malicious code in bioql PyPI...
CVE-2025-57423
A SQL injection vulnerability was discovered in the /articles endpoint of MyClub 0.5, affecting the query parameters Content, GroupName, PersonName, lastUpdate, pool, and title. Due to insufficient input sanitisation, an unauthenticated remote attacker could inject arbitrary SQL commands via a...
CVE-2025-10757
A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated remotely. The exploit has been made available...
CVE-2025-10757
A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated remotely. The exploit has been made available...
CVE-2025-10757
A weakness has been identified in UTT 1200GW up to 3.0.0-170831. The affected element is an unknown function of the file /goform/formConfigDnsFilterGlobal. This manipulation of the argument GroupName causes buffer overflow. The attack can be initiated remotely. The exploit has been made available...
UTT 1200GW 安全漏洞
The UTT 1200GW is an enterprise-grade wireless router from Atech Technology UTT designed to meet the networking needs of small to medium-sized businesses or large space office environments. The UTT 1200GW suffers from a buffer overflow vulnerability that originates from the failure of the paramet...
PT-2025-38646
Name of the Vulnerable Software and Affected Versions UTT 1200GW versions prior to 3.0.0-170831 Description A buffer overflow weakness exists in UTT 1200GW. The issue is located in an unknown function within the /goform/formConfigDnsFilterGlobal file. Manipulation of the GroupName argument trigge...
UTT HiPER 840G Buffer Overflow Vulnerability (CNVD-2026-00819)
The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...
UTT HiPER 840G 安全漏洞
The UTT HiPER 840G is a full Gigabit Internet behavior management router from Atech UTT, which is aimed at small businesses, community networks, hotels, and other scenarios, providing high-speed network access and intelligent management features. The UTT HiPER 840G suffers from a buffer overflow...
PT-2025-27020
Name of the Vulnerable Software and Affected Versions: UTT HiPER 840G versions up to 3.1.1-190328 Description: A critical issue affects the function sub 416928 of the file /goform/formConfigDnsFilterGlobal in the component API. The manipulation of the argument GroupName leads to buffer overflow...
CVE-2020-27406
Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...
CVE-2019-17116
A stored and reflected cross-site scripting XSS vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047 allow remote attackers to inject arbitrary web script or HTML via /WiKIDAdmin/groups.jsp. The groupName parameter is vulnerable: the reflected cross-site scripting occurs immediately...
Edimax BR-6478AC formDiskCreateGroup function command execution vulnerability
Edimax BR-6478AC is a dual-band Gigabit router from China Xunzhou Edimax. The Edimax BR-6478AC suffers from a command execution vulnerability that originates from the groupname parameter in /boafrm/formDiskCreateGroup failing to correctly filter construct command special characters, commands, etc...
Edimax BR-6478AC 安全漏洞
Edimax BR-6478AC is a dual-band Gigabit router from China Xunzhou Edimax. The Edimax BR-6478AC suffers from a command execution vulnerability that originates from the groupname parameter in /boafrm/formDiskCreateGroup failing to correctly filter construct command special characters, commands, etc...
PT-2025-16346
Name of the Vulnerable Software and Affected Versions Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC version V3 1.0.15 Description A command injection issue was discovered via the groupname at the "/boafrm/formDiskCreateGroup" API endpoint. This allows for potential exploitation...
Tenda PA6 安全漏洞
Tenda PA6 Wi-Fi Powerline extender is a wireless network range extender from Tenda China. A buffer overflow vulnerability exists in Tenda PA6 version 1.0.1.21, which originates from the groupName parameter of the cgiPortMapAdd function in the /portmap file that fails to correctly validate the...
Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat
Description Stored XSS is found in SettingsLive help configurationDepartments-Departments groups-edit When a user creates a new webhook under the NAME field and puts a payload constructor.constructor'alert1', the input gets stored, at user edit groupname , the payload gets executed. Proof of...
CVE-2020-27406
Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...
CVE-2020-27406
Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...
Cross site scripting
Cross Site Scripting XSS vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname...