KLiK SocialMediaWebsite 安全漏洞

KLiK SocialMediaWebsite is a simple PHP-based social media website by the individual developer Muhammad Saad. A security vulnerability exists in KLiK SocialMediaWebsite version 1.0, which originates in the HTTP POST Request Parameter Handler component and could lead to injection...

PT-2026-43117

A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China-based TOTOLINK Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK CA750-PoE version 6.2c.510, which originates from an OS command injection in the Setting Handler component of the setPasswordCfg...

KLiK SocialMediaWebsite 安全漏洞

KLiK SocialMediaWebsite is a simple PHP-based social media website by the individual developer Muhammad Saad. A security vulnerability exists in KLiK SocialMediaWebsite version 1.0, which originates from the HTTP GET Request Parameter Handler component and could lead to injection...

SourceCodester Indian Invoicing System SQL注入漏洞

SourceCodester Indian Invoicing System is a SourceCodester open source Indian invoicing system. SourceCodester Indian Invoicing System version 1.0 suffers from a SQL injection vulnerability that stems from the Invoice Generation Handler component's manipulation of the parameter...

KLiK SocialMediaWebsite 代码问题漏洞

KLiK SocialMediaWebsite is a simple PHP-based social media website by the individual developer Muhammad Saad. A code issue vulnerability exists in version 1.0 of KLiK SocialMediaWebsite, which stems from the File Handler component's manipulation of the function uniqid in the file upload.inc.php,...

PT-2026-43027

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated...

Edimax EW-7438RPn 操作系统命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. An OS command injection vulnerability exists in the Edimax EW-7438RPn version 1.31, which stems from the manipulation of the parameters of the function formWlanMP in the file /goform/formWlanMP by the Content-Typ...

PT-2026-43227

SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to...

Hackney 安全漏洞

Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 3.1.1 through 4.0.1, which stems from a failure to perform cross-domain checks in the HTTP/3 redirect handler, potentially leading to the disclosure of sensitive data...

Invoice-System 授权问题漏洞

Invoice-System is an invoice management system development exercise tool by Sushmita Palikhe individual developer. Invoice-System a0a3faa16dee2621b231ae227333f5761607283b and prior versions have an authorization issue vulnerability that stems from a parameter role operation in the User Management...

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China's Gion Electronics TOTOLINK. The Totolink CA750-PoE version 6.2c.510 suffers from an operating system command injection vulnerability that originates from os command injection in the operation of the parameter hosttime in the...

PT-2026-43152

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description A weakness in the Setting Handler component allows for remote OS command injection. This occurs through the manipulation of the host time argument within the NTPSyncWithHost function of the...

PT-2026-42998

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

PT-2026-42999

A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and m...

CVE-2026-9402

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

EUVD-2026-31605

A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The...

CVE-2026-9402

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9402

The CVE-2026-9402 entry concerns Edimax BR-6675nD firmware 1.12. The vulnerability is in the POST Request Handler’s formWlanMP function (/goform/formWlanMP). Manipulating parameters such as ateFunc, ateGain, ateRate, ateChan, ateTxCount, various e2pTx/e2pTxPower and readE2P fields results in comm...

CVE-2026-9402 Edimax BR-6675nD POST Request formWlanMP command injection

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...