PT-2026-28666

Name of the Vulnerable Software and Affected Versions Tenda AC5 version 15.03.06.47 Description A flaw exists in the function formQuickIndex located in the file /goform/QuickIndex within the POST Request Handler component. Manipulation of the PPPOEPassword argument can lead to a stack-based buffe...

PT-2026-28651

Name of the Vulnerable Software and Affected Versions code-projects Simple Laundry System version 1.0 Description A security flaw exists in code-projects Simple Laundry System. The issue involves a SQL injection affecting the file /checkregisitem.php within the Parameter Handler component. The...

PT-2026-28250

Name of the Vulnerable Software and Affected Versions Nsauditor version 3.0.28.0 Description A structured exception handling SEH buffer overflow allows local attackers to execute arbitrary code by providing malicious input to the DNS Lookup tool. Attackers can craft a payload that overwrites the...

Code-Projects Simple Laundry System 代码注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of Code-Projects Simple Laundry System contains a code...

Rttsoftware PDF Explorer 缓冲区错误漏洞

Rttsoftware PDF Explorer is a PDF file management and browsing tool developed by Rttsoftware Corporation. Version 1.5.66.2 of Rttsoftware PDF Explorer contains a buffer error vulnerability. This vulnerability stems from an overflow in the structured exception handler, which may allow local...

PT-2026-28186

A weakness has been identified in Orc discount up to 3.0.1.2. This issue affects the function compile of the file markdown.c of the component Markdown Handler. This manipulation causes uncontrolled recursion. The attack is restricted to local execution. The exploit has been made available to the...

PT-2026-28255

PassFab RAR Password Recovery 9.3.2 contains a structured exception handler SEH buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a payload with a buffer overflow, NSEH jump, and shellcode, then paste it into...

PT-2026-28650

Name of the Vulnerable Software and Affected Versions code-projects Simple Laundry System version 1.0 Description A cross site scripting issue exists in the Parameter Handler component of code-projects Simple Laundry System. The issue is related to the manipulation of the firstName argument withi...

PT-2026-28261

Name of the Vulnerable Software and Affected Versions River Past CamDo version 3.7.6 Description The software contains a structured exception handler SEH buffer overflow. Local attackers can execute arbitrary code by providing a malicious string in the Lame enc.dll name field. Attackers can creat...

PT-2026-28197

A vulnerability has been found in SourceCodester Food Ordering System 1.0. This affects an unknown function of the file /purchase.php of the component Parameter Handler. The manipulation of the argument custom leads to sql injection. The attack can be initiated remotely. The exploit has been...

River Past CamDo 缓冲区错误漏洞

River Past CamDo is a screen recording and camera capture tool developed by River Past Corporation. Version 3.7.6 of River Past CamDo contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the structured exception handler, which may allow local attackers to...

📄 V8 BytecodeArray Swapping Sandbox Bypass

V8 suffers from a sandbox bypass due to arbitrary bytecode execution from BytecodeArray swapping before code deoptimization. Vulnerability Details When deoptimizing compiled code and resuming execution in the interpreter, V8 uses the function Deoptimizer::DoComputeOutputFrames to reconstruct the...

PT-2026-28207

A security vulnerability has been detected in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/grades/index.php?view=edit&id=1 of the component Parameter Handler. The manipulation of the argument deptid leads to sql injection. The attack is...

Code-Projects Simple Laundry System SQL注入漏洞

Code-Projects Simple Laundry System is an open-source system developed by Code-Projects, designed for managing laundry shop operations. It offers features such as order management, customer management, and inventory management. Version 1.0 of the code-projects Simple Laundry System contains a SQL...

UTT HiPER 1250GW 安全漏洞

UTT HiPER 1250GW is a wireless gateway device developed by UTT Corporation. Versions of UTT HiPER 1250GW prior to 3.2.7-210907-180535 contained security vulnerabilities. These vulnerabilities were caused by incorrect operations on the parameter GroupName in the file/goform/formConfigDnsFilterGlob...

PT-2026-28254

PDF Explorer 1.5.66.2 contains a structured exception handler SEH overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the...

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters “PPPOEPassword” in the file/goform/QuickIndex component of the POST Request Handler, which may...

CVE-2026-4823

A flaw has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this vulnerability is an unknown functionality of the component NTLM2 Handler. Executing a manipulation can lead to information disclosure. The attack is restricted to local execution. Attacks of this nature are highl...

CVE-2026-4824 Enter Software Iperius Backup Backup Job Configuration File privileges management

A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is...

CVE-2026-4824

A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is...