109 matches found
EUVD-2025-26332
Malicious code in bioql PyPI...
EUVD-2021-28488
Malicious code in bioql PyPI...
CVE-2025-8824 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setRIP stack-based overflow
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this issue is the function setRIP of the file /goform/setRIP. The manipulation of the argument RIPmode/RIPpasswd leads to stack-based buffer overflow. The attack may be launched...
perl-file-find-rule: File::Find::Rule Arbitrary Code Execution
A flaw was found in perl-file-find-rule. The grep function within File::Find::Rule versions up to 0.34 is vulnerable to arbitrary code execution if provided with a specially crafted filename. This vulnerability allows an attacker to supply a filename that, when opened, executes arbitrary code via...
CVE-2025-5289
The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘style’ and 'mode' parameters in all versions up to, and including, 1.16.15 due to insufficient input sanitization and output escaping. This makes ...
CVE-2023-1635
A vulnerability was found in OTCMS 6.72. It has been declared as problematic. Affected by this vulnerability is the function AutoRun of the file apiRun.php. The manipulation of the argument mode leads to cross site scripting. The attack can be launched remotely. The identifier VDB-224017 was...
CVE-2025-3331
A vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. This issue affects some unknown processing of the file /paymentsave.php. The manipulation of the argument mode leads to sql injection. The attack may be initiated remotely. T...
Online Restaurant Management System SQL注入漏洞
Online Restaurant Management System is a Code-projects open source online restaurant management system. A SQL injection vulnerability exists in Online Restaurant Management System version 1.0, which originates from improper handling of the parameter mode in the /paymentsave.php file, which may le...
CVE-2024-35519
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operatingmode.cgi via the apmode parameter...
CVE-2024-35522
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operatingmode.cgi via the apmode parameter with ap24gmanual set to 1 and ap24gmanualsec set to NotNone...
PT-2025-2580 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple buffer overflow vulnerabilities exist in the qos.cgi qos settings functionality. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an...
The vulnerability in the operating_mode.cgi script of NETGEAR’s router microprogramming devices EX6120, EX6100, and EX3700 allows a hacker to execute arbitrary commands.
The vulnerability of the operatingmode.cgi script in NETGEAR’s microprogrammed router devices, such as EX6120, EX6100, and EX3700, is related to the lack of measures taken to protect data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Wavelog 安全漏洞
Wavelog is a web-based amateur radio logging software from Wavelog Open Source. A security vulnerability exists in Wavelog version 1.8.5, which stems from a Gridmapmodel.php getbandconfirmed SQL injection that allows Gridmapmodel.php getbandconfirmed via band, sat, propagation, or mode...
Wavelog 安全漏洞
Wavelog is a web-based amateur radio logging software from Wavelog Open Source. A security vulnerability exists in Wavelog version 1.8.5, which stems from allowing Activatedgridmapmodel.php getbandconfirmed SQL injection via band, sat, propagation, or mode...
CVE-2024-35522
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an authenticated command injection in operatingmode.cgi via the apmode parameter with ap24gmanual set to 1 and ap24gmanualsec set to NotNone...
CVE-2024-45789
This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ‘mode’ parameter in the API endpoint used during the registration process. An authenticated remote attacker could exploit this vulnerability by manipulating parameter in the API request body on the...
Reedos aiM-Star 安全漏洞
Reedos aiM-Star is a software product from Reedos for mutual fund distribution. A security vulnerability exists in Reedos aiM-Star version 2.0.1 that stems from improper validation of the mode parameter in the API endpoint used during the enrollment process, which allows an attacker to bypass...
CVE-2024-44557
Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo...
Tenda AX1806 安全漏洞
The Tenda AX1806 is a WiFi6 wireless router from Tenda, a Chinese company. The Tenda AX1806 suffers from a stack overflow vulnerability that originates from the iptv.stb.mode parameter in the function formGetIptv that contains a stack overflow, and no detailed vulnerability details are provided a...
CVE-2024-6369
A vulnerability classified as problematic has been found in LabVantage LIMS 2017. Affected is an unknown function of the file /labvantage/rc?command=page&sdcid=LVReagentLot of the component POST Request Handler. The manipulation of the argument mode leads to cross site scripting. It is possible t...