EUVD-2026-20860

A vulnerability was determined in Tenda i12 1.0.0.113862. The impacted element is an unknown function of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-5841

A weakness has been identified in Tenda i3 1.0.0.62204. The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could b...

CVE-2026-5848

A vulnerability was found in jeecgboot JimuReport up to 2.3.0. The affected element is the function DriverManager.getConnection of the file /drag/onlDragDataSource/testConnection of the component Data Source Handler. Performing a manipulation of the argument dbUrl results in code injection. The...

CVE-2026-5847 code-projects Movie Ticketing System SQL Database Backup File moviedb.sql information disclosure

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

CVE-2026-5847

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

CVE-2026-5841 Tenda i3 HTTP R7WebsSecurityHandler path traversal

A weakness has been identified in Tenda i3 1.0.0.62204. The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could b...

CVE-2026-5841

A weakness has been identified in Tenda i3 1.0.0.62204. The affected element is the function R7WebsSecurityHandler of the component HTTP Handler. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been made available to the public and could b...

MetaGPT 安全漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained security vulnerabilities. These vulnerabilities were caused by operations on the ActionNode.xmlfill function in the XML Handler component, which could lead to improper instructions in...

PT-2026-31586

Name of the Vulnerable Software and Affected Versions code-projects Movie Ticketing System version 1.0 Description A vulnerability exists in the Movie Ticketing System that allows for information disclosure. The issue is related to the SQL Database Backup File Handler and involves manipulation of...

PT-2026-31636

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

PT-2026-31635

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...

PT-2026-31668

Name of the Vulnerable Software and Affected Versions Tenda CH22 version 1.0.0.6468 Description A path traversal issue exists in the httpd component, specifically within the R7WebsSecurityHandlerfunction function. This allows for remote manipulation. The exploit is publicly available...

PT-2026-31795

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L version 2.13B01 Description A buffer overflow exists in the POST Request Handler component due to manipulation of the curTime argument within the formAdvNetwork function of the /goform/formAdvNetwork file. Remote exploitation i...

JimuReport 代码注入漏洞

JimuReport is a free reporting tool developed by JEECG in China. Versions of JimuReport 2.3.0 and earlier had a code injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter dbUrl in the DriverManager.getConnection function within the Data Source Handler...

Code-Projects Movie Ticketing System 访问控制错误漏洞

The Code-Projects Movie Ticketing System is an open-source movie ticketing system developed by Code-Projects. Version 1.0 of the Code-Projects Movie Ticketing System contains a security vulnerability related to access control. This vulnerability stems from an information leakage issue in the...

Tenda i12 路径遍历漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. The version Tenda i12 1.0.0.113862 contains a path traversal vulnerability. This vulnerability stems from a path traversal issue in the HTTP Handler component, which may lead to path traversal attacks...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains an operating system command injection vulnerability. This vulnerability stems from incorrect handling of the enable parameter in the setUPnPCfg function of...

GL.iNet GL-RM 授权问题漏洞

GL.iNet GL-RM is a series of embedded IoT remote management and communication modules developed by GL.iNet Corporation. There are authorization-related vulnerabilities in GL.iNet GL-RM. These vulnerabilities stem from issues with the Factory Reset Handler component, where improper authentication...

Code-Projects Patient Record Management System 访问控制错误漏洞

The Code-Projects Patient Record Management System is an open-source medical record management system developed by Code-Projects. Version 1.0 of the Code-Projects Patient Record Management System contains a vulnerability related to access control. This vulnerability stems from an information...

D-Link DIR-605L 安全漏洞

The D-Link DIR-605L is a wireless router produced by D-Link Corporation. The D-Link DIR-605L version 2.13B01 has a security vulnerability. This vulnerability stems from the operation of the curTime parameter in the formVirtualServ function within the POST Request Handler component, which may lead...