Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper posthandler cleanup, which could lead to reuse after release...

CVE-2025-2732

A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/wizard/getWifiNeighbour of the component HTTP POST Request Handler. The...

CVE-2025-2731

The CVE-2025-2731 vulnerability affects H3C Magic NX15, NX30 Pro, NX400, R3010, and BE18000 up to V100R014. It resides in the HTTP POST Request Handler function at /api/wizard/getDualbandSync, where an input manipulation enables command injection. Impact is local-network only, with high severity ...

PT-2025-12451 · Unknown · Lzcms-Laozhangbokexitong

Name of the Vulnerable Software and Affected Versions: LzCMS-LaoZhangBoKeXiTong versions up to 1.1.4 Description: A critical issue affects some unknown functionality of the file /admin/upload/upimage.html, specifically the HTTP POST Request Handler component. The manipulation of the File argument...

PT-2025-6893 · Internet Web Solutions · Sublime Crm

Name of the Vulnerable Software and Affected Versions: Internet Web Solutions Sublime CRM up to 20250207 Description: A problematic vulnerability was found in the HTTP POST Request Handler component of Internet Web Solutions Sublime CRM, affecting an unknown function of the file /crm/inicio.php...

CVE-2024-0352

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...

CVE-2025-0481

A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been...

D-Link DIR-878 安全漏洞

The D-Link DIR-878 is a wireless router from China's AUO D-Link. An information disclosure vulnerability exists in the D-Link DIR-878 version 1.03, which stems from insufficient protection of sensitive information in the component HTTP POST request handler, and can be exploited by an attacker to...

PT-2025-3828 · Kaiyuantong · Kaiyuantong Ect Platform

Name of the Vulnerable Software and Affected Versions: KaiYuanTong ECT Platform versions up to 2.0.0 Description: A critical issue has been found in the HTTP POST Request Handler component of the affected software, specifically in the file /public/server/runCode.php. The manipulation of the code...

CVE-2024-13092

A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /parse/calljob/searchajax.php of the component Job Post Handler. The manipulation of the argument n leads to sql injection. The attack can be initiated...

CVE-2024-13092

A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /parse/calljob/searchajax.php of the component Job Post Handler. The manipulation of the argument n leads to sql injection. The attack can be initiated...

CVE-2024-12183

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.116. This affects the function RemoveXSS of the file /plus/carbuyaction.php of the component HTTP POST Request Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Th...

kernel: x86/kprobes: Update kcb status flag after singlestepping

In the Linux kernel, the following vulnerability has been resolved: x86/kprobes: Update kcb status flag after singlestepping Fix kprobes to update kcb kprobes control block status flag to KPROBEHITSSDONE even if the kp-posthandler is not set. This bug may cause a kernel panic if another INT3 user...

CVE-2024-8128

A vulnerability, which was classified as critical, has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. Th...

CVE-2024-7657

A vulnerability classified as problematic was found in Gila CMS 1.10.9. This vulnerability affects unknown code of the file /cm/updaterows/page?id=2 of the component HTTP POST Request Handler. The manipulation of the argument content leads to cross site scripting. The attack can be initiated...

CVE-2024-7158

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument telnetenabled leads to command...

CVE-2024-7066

CVE-2024-7066 affects F-logic DataCube3 1.0. The vulnerability resides in the HTTP POST Request Handler, specifically the file /admin/config_time_sync.php, where manipulating the ntp_server argument enables OS command injection. Exploitation can be remote and the exploit has been disclosed public...

LabVantage Solutions LIMS Cross-Site Scripting Vulnerability

LabVantage Solutions LIMS is a laboratory letter management system from LabVantage Solutions, USA. A cross-site scripting vulnerability exists in LabVantage Solutions LIMS version 2017, which stems from the handling of an unknown function for the parameter mode in a file processed by the POST...

SourceCodester Vehicle Management 代码问题漏洞

SourceCodester Vehicle Management is a vehicle management software from SourceCodester, Inc. A code issue exists in the SourceCodester Vehicle Management System up to version 1.0, which is caused by an unknown function in the component HTTP POST Request Handler. that causes unrestricted uploads v...

PT-2024-19014 · Unknown · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /admin/operations/expense category.php, specifically the HTTP POST Reque...