217 matches found
CVE-2025-53712
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpmAP.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The...
CVE-2025-53711
A vulnerability has been found in TP-Link TL-WR841N V11. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service DoS condition. The attac...
CVE-2025-53711
A vulnerability has been found in TP-Link TL-WR841N v11, TL-WR842ND v2 and TL-WR494N v3. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a...
Mobile Shop EditMobile.php File SQL Injection Vulnerability
Mobile Shop is a mobile store. Mobile Shop suffers from a SQL injection vulnerability that stems from an error in the parameter ID in the file /EditMobile.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute illegal SQL commands to...
Modern Bag product-update.php file SQL Injection Vulnerability
Modern Bag is an online management system. Modern Bag suffers from a SQL injection vulnerability that stems from an error in the parameter idProduct in the file /admin/product-update.php that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to...
Library System add-book.php file code issue vulnerability
Library System is a library system. Library System has a code issue vulnerability that stems from the lack of valid validation of uploaded files by the parameter image in the file /add-book.php. An attacker can exploit this vulnerability to upload malicious files...
Car Rental System add_cars.php File SQL Injection Vulnerability
Car Rental System is a car rental system. Car Rental System suffers from a SQL injection vulnerability that stems from the lack of validation of an externally entered SQL statement in the parameter carname in the file /admin/addcars.php. An attacker can use this vulnerability to execute illegal S...
Simple Online Hotel Reservation System index.php File SQL Injection Vulnerability
Simple Online Hotel Reservation System is a simple online hotel reservation system. Simple Online Hotel Reservation System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Username in the file...
Simple Pizza Ordering System saveorder.php File SQL Injection Vulnerability
Simple Pizza Ordering System is a simple pizza ordering system. Simple Pizza Ordering System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID of the file /saveorder.php. An attacker can exploit this...
Code-Projects Inventory Management System 注入漏洞
Inventory Management System is an inventory management system. Inventory Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter editBrandStatus in file /phpaction/editBrand.php. An attacker can...
CVE-2024-0756
The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page...
CVE-2022-1953
The Product Configurator for WooCommerce WordPress plugin before 1.2.32 suffers from an arbitrary file deletion vulnerability via an AJAX action, accessible to unauthenticated users, which accepts user input that is being used in a path and passed to unlink without validation first...
CVE-2021-22338
There is an XXE injection vulnerability in eCNS280 V100R005C00 and V100R005C10. A module does not perform the strict operation to the input XML message. Attacker can send specific message to exploit this vulnerability, leading to the module denial of service...
CVE-2025-1625
The Qi Blocks WordPress plugin before 1.4 does not validate and escape some of its Counter block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
The vulnerability of the HTTP-Proxy software for network firewalls, the UserGate Next-Generation Firewall (NGFW), allows a hacker to read arbitrary files.
The vulnerability of the HTTP-Proxy software of the UserGate Next-Generation Firewall exists due to the lack of measures to check input data. Exploiting this vulnerability allows a remote attacker to read arbitrary files...
COVID19 Testing Management System test-details.php File SQL Injection Vulnerability
The COVID19 Testing Management System is a new crown pneumonia testing management system. The COVID19 Testing Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Status in the /test-details.php...
Amplify Codegen UI 安全漏洞
Amplify Codegen UI is an AWS Amplify open source React component generated for use in the AWS Amplify project. A security vulnerability exists in Amplify Codegen UI that stems from a lack of input validation for AWS Amplify Studio UI component property expressions, which could lead to the executi...
Apache Oozie 安全漏洞
Apache Oozie is an application from the Apache Apache Foundation, USA. Provides a workflow scheduler system for managing Apache Hadoop job functions. Apache Oozie has a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied...
Online Shopping Portal product-details.php file SQL Injection Vulnerability
Online Shopping Portal is an online store. Online Shopping Portal suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the product-details.php file. An attacker can exploit this vulnerability to execute illegal SQL commands to ste...
PT-2025-2407 · Qualcomm · Snapdragon +32
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to memory corruption that occurs when input parameter validation for the number of fences is missing for fence frame IOCTL calls...