Lucene search
K

966 matches found

NVD
NVD
added 2026/03/12 7:16 a.m.5 views

CVE-2026-4008

A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...

9CVSS0.00635EPSS
Exploits1References7
NVD
NVD
added 2026/03/12 7:16 a.m.3 views

CVE-2026-4007

A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS0.00619EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/12 6:32 a.m.3 views

CVE-2026-4008 Tenda W3 POST Parameter wifiSSIDset stack-based overflow

A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...

9CVSS6.3AI score0.00635EPSS
Exploits1References7
CVE
CVE
added 2026/03/12 6:32 a.m.18 views

CVE-2026-4008

CVE-2026-4008 affects Tenda W3 1.0.0.3(2204). The flaw occurs in the POST Parameter Handler for the /goform/wifiSSIDset path, where manipulation of the argument index/GO leads to a stack-based buffer overflow. It can be exploited remotely, and an exploit has been published. Affected version detai...

9CVSS7.9AI score0.00635EPSS
Exploits1References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/12 6:32 a.m.4 views

CVE-2026-4007 Tenda W3 POST Parameter wifiSSIDget stack-based overflow

A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS6.4AI score0.00619EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/12 6:32 a.m.2 views

CVE-2026-4007

A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS6.4AI score0.00619EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/12 6:32 a.m.24 views

CVE-2026-4007 Tenda W3 POST Parameter wifiSSIDget stack-based overflow

A vulnerability was detected in Tenda W3 1.0.0.32204. This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack...

9CVSS0.00619EPSS
Exploits1References5
NVD
NVD
added 2026/03/12 3:15 a.m.7 views

CVE-2026-3976

A weakness has been identified in Tenda W3 1.0.0.32204. Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch t...

9CVSS0.00635EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2026/03/12 2:32 a.m.2 views

CVE-2026-3976 Tenda W3 POST Parameter WifiMacFilterSet formWifiMacFilterSet stack-based overflow

A weakness has been identified in Tenda W3 1.0.0.32204. Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch t...

9CVSS6.4AI score0.00635EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/03/12 2:32 a.m.28 views

CVE-2026-3976 Tenda W3 POST Parameter WifiMacFilterSet formWifiMacFilterSet stack-based overflow

A weakness has been identified in Tenda W3 1.0.0.32204. Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch t...

9CVSS0.00635EPSS
Exploits1References7
CVE
CVE
added 2026/03/12 2:32 a.m.12 views

CVE-2026-3976

CVE-2026-3976 affects Tenda W3 firmware 1.0.0.3(2204). The vulnerability lies in the POST Parameter Handler’s function formWifiMacFilterSet (file /goform/WifiMacFilterSet), where manipulation of the index/GO argument can trigger a stack-based buffer overflow. This vulnerability can be exploited r...

9CVSS6.4AI score0.00635EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2026/03/12 1:32 a.m.27 views

CVE-2026-3973 Tenda W3 POST Parameter setAutoPing formSetAutoPing stack-based overflow

A vulnerability was determined in Tenda W3 1.0.0.32204. This affects the function formSetAutoPing of the file /goform/setAutoPing of the component POST Parameter Handler. This manipulation of the argument ping1/ping2 causes stack-based buffer overflow. The attack is possible to be carried out...

9CVSS0.00635EPSS
Exploits1References7
CNNVD
CNNVD
added 2026/03/12 12:0 a.m.8 views

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the component POST Parameter Handler, specifically the...

9CVSS7.7AI score0.00635EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/03/12 12:0 a.m.5 views

PT-2026-24913

The My Sticky Bar plugin for WordPress is vulnerable to SQL injection via the stickymenu contact lead form AJAX action in all versions up to, and including, 2.8.6. This is due to the handler using attacker-controlled POST parameter names directly as SQL column identifiers in $wpdb-insert. While...

7.5CVSS5.8AI score0.00338EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/03/09 12:2 a.m.31 views

CVE-2026-3790 SourceCodester Sales and Inventory System POST Parameter check_supplier_details.php sql injection

A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file checksupplierdetails.php of the component POST Parameter Handler. Executing a manipulation of the argument stockname1 can lead to sql injection. The attac...

6.5CVSS0.00301EPSS
Exploits1References5
NVD
NVD
added 2026/03/02 4:16 p.m.15 views

CVE-2025-50197

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/admin/sublanguageajax.inc.php via the POST newlanguage parameter. This issue has been patched in version 1.11.30...

7.2CVSS0.02657EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/03/02 3:17 p.m.3 views

CVE-2025-50196 Chamilo: OS Command Injection in /plugin/vchamilo/views/editinstance.php via POST main_database parameter

Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST maindatabase parameter. This issue has been patched in version 1.11.30...

7.1CVSS5.9AI score0.02746EPSS
Exploits1References4
CVE
CVE
added 2026/03/02 3:16 p.m.17 views

CVE-2025-50193

CVE-2025-50193 affects Chamilo LMS prior to version 1.11.30. The vulnerability is an OS command injection in the file /plugin/vchamilo/views/import.php triggered by the POST parameter to_main_database , potentially enabling a remote attacker to execute arbitrary commands (and, per PT-2025-37308, ...

7.2CVSS5.9AI score0.02603EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Chamilo 操作系统命令注入漏洞

Chamilo is a learning management system open source by Chamilo. Chamilo editinstance.php file has an operating system command injection vulnerability , the vulnerability stems from the file /plugin/vchamilo/views/editinstance.php on the POST parameter maindatabase improperly handled , an attacker...

7.2CVSS6AI score0.02746EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/27 4:13 a.m.6 views

CVE-2025-56605

A reflected Cross-Site Scripting XSS vulnerability exists in the register.php backend script of PuneethReddyHC Event Management System 1.0. The mobile POST parameter is improperly validated and echoed back in the HTTP response without sanitization, allowing an attacker to inject and execute...

5.4CVSS5.9AI score0.00189EPSS
Exploits0References1
Rows per page
Query Builder