Lucene search
+L

39 matches found

EUVD
EUVD
added 2025/10/07 12:31 p.m.4 views

EUVD-2025-32705

A vulnerability was determined in Tenda AC15 15.03.05.18. This affects an unknown function of the file /goform/fastsettingpppoeset. This manipulation of the argument Password causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may ...

9CVSS6.9AI score0.00736EPSS
Exploits1References6
CVE
CVE
added 2025/10/07 10:32 a.m.22 views

CVE-2025-11387

CVE-2025-11387 affects Tenda AC15 routers (AO: 15.03.05.18) via the function in /goform/fast_setting_pppoe_set. The vulnerability is a stack-based buffer overflow caused by manipulated Password input, and is exploitable remotely with a publicly disclosed exploit (PoC). Multiple sources corroborat...

9CVSS8.8AI score0.00736EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/04/04 12:0 a.m.8 views

PT-2025-14830 · Tenda · Tenda W18E

Name of the Vulnerable Software and Affected Versions: Tenda W18E version 16.01.0.11 Description: A problematic vulnerability was found in Tenda W18E, affecting the formSetAccountList function of the file /goform/setModules. The manipulation of the Password argument leads to a stack-based buffer...

5.3CVSS5AI score0.00536EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/12/23 12:0 a.m.5 views

PT-2024-17789 · Foxcms · Foxcms

Name of the Vulnerable Software and Affected Versions: FoxCMS versions up to 1.2 Description: A critical issue was found in the API Endpoint component, specifically in the file /app/api/controller/Site.php. The manipulation of the password argument leads to improper authorization, allowing for...

6.9CVSS5.2AI score0.00612EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/07/28 12:0 a.m.5 views

PT-2024-38135 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found in the loginauth function of the /cgi-bin/cstecgi.cgi file. The manipulation of the password and http host arguments leads to a buffer overflow. This...

9CVSS8.8AI score0.01091EPSS
Exploits1References8
OSV
OSV
added 2024/04/10 3:15 a.m.8 views

CVE-2024-3534

A vulnerability, which was classified as critical, has been found in Campcodes Church Management System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument password leads to sql injection. The attack may be launched remotely. The explo...

9.8CVSS5.7AI score
Exploits0References4
OSV
OSV
added 2024/03/27 2:15 p.m.7 views

CVE-2024-2976

A vulnerability was found in Tenda F1203 2.0.1.6. It has been declared as critical. Affected by this vulnerability is the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. The attack can be launched...

8.8CVSS6.5AI score0.01669EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.7 views

PT-2024-23000 · Tenda · Tenda F1203

Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A critical issue was found in the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to a stack-based buffer overflow. This issue can be...

9CVSS8.8AI score0.01669EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/03/27 12:0 a.m.6 views

PT-2024-23083 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408 Description: A critical issue affects the function formQuickIndex of the file /goform/QuickIndex, where the manipulation of the PPPOEPassword argument leads to a stack-based buffer overflow. This can be...

9CVSS8.9AI score0.01755EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/01/19 12:0 a.m.8 views

PT-2024-15793 · Unknown · Efs Easy File Sharing Ftp

Name of the Vulnerable Software and Affected Versions: EFS Easy File Sharing FTP version 3.6 Description: A problematic vulnerability has been found in the Login component of the software. The manipulation of the password argument leads to denial of service. This issue can be exploited remotely...

7.5CVSS7AI score0.00985EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/10/10 12:0 a.m.10 views

PT-2023-32126 · Unknown · Code-Projects Farmacia

Name of the Vulnerable Software and Affected Versions: codeprojects Farmacia version 1.0 Description: A critical issue was found in the code, affecting an unknown function of the file index.php. The manipulation of the usario/senha argument leads to sql injection. It is possible to launch the...

7.5CVSS6.8AI score0.00572EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2023/06/02 12:0 a.m.7 views

PT-2023-22816 · Code Projects · Agro-School Management System

Name of the Vulnerable Software and Affected Versions: code-projects Agro-School Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown function of the file index.php. The manipulation of the password argument leads to sql injection, allowing for...

9.8CVSS7.1AI score0.00783EPSS
Exploits1References7
Prion
Prion
added 2023/01/05 10:15 a.m.14 views

Command injection

A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi/toolbox/toolbox. The manipulation of the argument password leads to command injection. The attack can be launched remotely. The patch is...

7.5CVSS10AI score0.02146EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/01/05 12:0 a.m.3 views

PT-2023-12408 · Unknown · Eprintsug Ulcc-Core

Name of the Vulnerable Software and Affected Versions: eprintsug ulcc-core affected versions not specified Description: A critical issue was found in the file cgi/toolbox/toolbox, where the manipulation of the password argument leads to command injection. This issue can be exploited remotely...

9.8CVSS6.9AI score0.02146EPSS
Exploits0References5
NVD
NVD
added 2022/10/18 11:15 a.m.22 views

CVE-2022-3582

A vulnerability has been found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument change password leads to cross-site request forgery. The attack can be launched...

4.3CVSS0.00253EPSS
Exploits1References2
OSV
OSV
added 2020/03/12 6:15 p.m.5 views

ALPINE-CVE-2020-1739

A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from...

3.9CVSS6.8AI score0.00358EPSS
Exploits0References1
Prion
Prion
added 2014/04/04 2:55 p.m.19 views

Buffer overflow

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.1212327 allows remote attackers to execute arbitrary code via a long string to the password argument...

10CVSS8.5AI score0.1547EPSS
Exploits3References6Affected Software1
Prion
Prion
added 2013/10/01 8:55 p.m.16 views

Default credentials

The user-password-update command in python-keystoneclient before 0.2.4 accepts the new password in the --password argument, which allows local users to obtain sensitive information by listing the process...

2.1CVSS6.3AI score0.0037EPSS
Exploits1References3Affected Software1
NVD
NVD
added 1999/11/07 5:0 a.m.21 views

CVE-1999-1533

Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service hang via a long password argument to the login.htm file in its HTTP service...

7.5CVSS6.7AI score0.02906EPSS
Exploits0References3
Rows per page
Query Builder