Lucene search
K

94 matches found

Vulnrichment
Vulnrichment
added 2025/10/07 10:32 a.m.3 views

CVE-2025-11387 Tenda AC15 fast_setting_pppoe_set stack-based overflow

A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fastsettingpppoeset. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may ...

9CVSS7AI score0.00736EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.9 views

PT-2025-40978

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.18 Description A stack-based buffer overflow exists in Tenda AC15 routers. The issue is due to the manipulation of the Password argument within the file '/goform/fast setting pppoe set'. This can be exploited...

9CVSS8.9AI score0.00736EPSS
Exploits1References10
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-11948

Malicious code in bioql PyPI...

5.4CVSS4AI score0.00393EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-35740

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00159EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-38211

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00979EPSS
Exploits0References3
CVE
CVE
added 2025/09/21 10:2 p.m.24 views

CVE-2025-10767

CosmodiumCS OnlyRAT (versions prior to 3.3, affected up to 3.2 per some citations) contains an OS command injection in the Configuration File Handler’s main.py, specifically in the connect/remote_upload/remote_download function where manipulation of configuration["PASSWORD"] can be exploited. Att...

4.5CVSS4.7AI score0.01161EPSS
Exploits0References5
OSV
OSV
added 2025/08/30 2:15 p.m.5 views

CVE-2025-9691

A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used...

9.8CVSS5.8AI score0.00379EPSS
Exploits1References6
NVD
NVD
added 2025/06/10 12:15 a.m.12 views

CVE-2025-5905

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been rated as critical. Affected by this issue is the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument Password leads to buffer overflow. The attack m...

9CVSS0.07415EPSS
Exploits1References5
NVD
NVD
added 2025/06/04 11:15 p.m.16 views

CVE-2025-5619

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The explo...

9.8CVSS0.01046EPSS
Exploits1References5
OSV
OSV
added 2025/06/04 11:15 p.m.5 views

CVE-2025-5619

A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The explo...

9.8CVSS6.5AI score0.01046EPSS
Exploits1References5
OSV
OSV
added 2025/05/24 4:15 p.m.5 views

CVE-2025-5128

A vulnerability, which was classified as critical, was found in ScriptAndTools Real-Estate-website-in-PHP 1.0. Affected is an unknown function of the file /admin/ of the component Admin Login Panel. The manipulation of the argument Password leads to sql injection. It is possible to launch the...

9.8CVSS5.6AI score0.00495EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/05/23 6:34 a.m.14 views

CVE-2024-12900

A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipulation of the argument database password leads to code injection. It is possible to launch the attac...

9.8CVSS7AI score0.00696EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 a.m.8 views

CVE-2017-8050

Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password...

7.5CVSS7AI score0.00872EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/12 7:16 a.m.33 views

CVE-2025-4497

A vulnerability was found in code-projects Simple Banking System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the component Sign In. The manipulation of the argument password2 leads to buffer overflow. Attacking locally is a requirement. The exploit has...

7.8CVSS5.4AI score0.00304EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/04/06 3:16 a.m.20 views

CVE-2025-3203

A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...

5.3CVSS7.2AI score0.00536EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/04 2:31 a.m.15 views

CVE-2025-3203 Tenda W18E setModules formSetAccountList stack-based overflow

A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The...

5.3CVSS0.00536EPSS
Exploits0References5
OSV
OSV
added 2025/03/16 9:15 p.m.6 views

CVE-2025-2347

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308 and classified as problematic. This issue affects some unknown processing of the component Device Registration. The manipulation of the argument Password with the input qwertyuiop leads to use of default password. The attack needs to ...

7.8CVSS4.6AI score0.00219EPSS
Exploits0References3
NVD
NVD
added 2025/03/16 9:15 p.m.19 views

CVE-2025-2347

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308 and classified as problematic. This issue affects some unknown processing of the component Device Registration. The manipulation of the argument Password with the input qwertyuiop leads to use of default password. The attack needs to ...

7.8CVSS0.00219EPSS
Exploits0References3
OSV
OSV
added 2025/02/07 12:0 a.m.4 views

CVE-2024-57707

An issue in DataEase v1 allows an attacker to execute arbitrary code via the user account and password components...

9.8CVSS8.2AI score0.00754EPSS
Exploits1References3
CNVD
CNVD
added 2024/12/27 12:0 a.m.2 views

Hospital Management System index.php File SQL Injection Vulnerability

Hospital Management System a hospital management system. Hospital Management System has a SQL injection vulnerability that originates from the manipulation of username/password parameters in the login component of the /admin/index.php file. No details of the vulnerability are available at this ti...

9.8CVSS8AI score0.00607EPSS
Exploits1References1
Rows per page
Query Builder