206 matches found
CVE-2024-0357
A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /system/traceLog/page of the component HTTP POST Request Handler. The manipulation of the argument property leads to sql injection. The exploit has been...
CVE-2023-7222
A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The atta...
Totolink T6 Security Vulnerability
TOTOLINK T6 is a wireless dual-band router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in Totolink T6 version 4.1.9cu.5241B20210923, which originates from the component HTTP POST Request Handler in the file /cgi-bin/cstecgi.cgi that fails to correctly validate t...
Beijing Baichuo Smart S150 Code Issue Vulnerability
The Beijing Baichuo Smart S150 is an Internet Behavior Management appliance from Beijing Baichuo, China. A code issue vulnerability exists in Beijing Baichuo Smart S150 Management Platform 20240101 and prior versions, which stems from a file upload vulnerability in webimg, a parameter of the HTTP...
Stack overflow
A vulnerability, which was classified as critical, has been found in Totolink N350RT 9.3.5u.6139B20201216. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v8 leads to stack-based...
CVE-2023-7178
A vulnerability, which was classified as critical, has been found in Campcodes Online College Library System 1.0. This issue affects some unknown processing of the file /admin/bookrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The...
CVE-2023-7175
A vulnerability was found in Campcodes Online College Library System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/borrowadd.php of the component HTTP POST Request Handler. The manipulation of the argument student leads to sql injectio...
PT-2023-32921 · Unknown · Campcodes Online College Library System
Name of the Vulnerable Software and Affected Versions: Campcodes Online College Library System version 1.0 Description: A critical issue affects some unknown functionality of the file /admin/borrow add.php of the component HTTP POST Request Handler. The manipulation of the student argument leads ...
CVE-2023-7166
A vulnerability classified as problematic has been found in Novel-Plus up to 4.2.0. This affects an unknown part of the file /user/updateUserInfo of the component HTTP POST Request Handler. The manipulation of the argument nickName leads to cross site scripting. It is possible to initiate the...
CVE-2023-7138
A vulnerability, which was classified as critical, was found in code-projects Client Details System 1.0. This affects an unknown part of the file /admin of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection. The exploit has been disclosed to...
PT-2023-32906 · Unknown · Gopeak Masterlab
Name of the Vulnerable Software and Affected Versions: gopeak MasterLab versions up to 3.3.10 Description: A critical vulnerability was found in the HTTP POST Request Handler component of gopeak MasterLab. This issue affects the sqlInject function in the file app/ctrl/Framework.php. The...
PT-2023-32905 · Unknown · Gopeak Masterlab
Name of the Vulnerable Software and Affected Versions: gopeak MasterLab versions up to 3.3.10 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of gopeak MasterLab. This issue affects the sqlInject function of the file app/ctrl/framework/Feature.php...
PT-2023-32900 · Unknown · Code-Projects Client Details System
Name of the Vulnerable Software and Affected Versions: code-projects Client Details System version 1.0 Description: A vulnerability has been found in the code-projects Client Details System, affecting the file /admin/regester.php of the component HTTP POST Request Handler. The manipulation of the...
Totolink A7100RU Security Vulnerability
The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A7100RU version 7.4cu.2313B20191024 suffers from a buffer overflow vulnerability, which originates from the failure of the e8 parameter in the component HTTP POST Request Handler to correctly validate t...
PT-2023-32810 · Codelyfe · Codelyfe Stupid Simple Cms
Name of the Vulnerable Software and Affected Versions: codelyfe Stupid Simple CMS versions up to 1.2.3 Description: A critical issue was found in the HTTP POST Request Handler component, specifically affecting the file /terminal/handle-command.php. The manipulation of the command argument with th...
CVE-2023-6580
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqosexpressdevices/smartqosnormaldevices leads to deserialization. It is possible to...
Deserialization of untrusted data
A vulnerability, which was classified as critical, was found in D-Link DIR-846 FW100A53DBR. This affects an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the argument smartqosexpressdevices/smartqosnormaldevices leads to deserialization. It is possible to...
CVE-2023-6580
CVE-2023-6580 concerns a deserialization vulnerability in the D-Link DIR-846 router (FW100A53DBR), specifically in the QoS POST Handler handling the file path /HNAP1/. The issue arises from unsafe deserialization when processing the arguments smartqos_express_devices and smartqos_normal_devices, ...
PT-2023-7503 · D Link · D-Link Dir-846
Name of the Vulnerable Software and Affected Versions: D-Link DIR-846 version FW100A53DBR Description: A critical vulnerability was found in the D-Link DIR-846 router, affecting an unknown part of the file /HNAP1/ of the component QoS POST Handler. The manipulation of the smartqos express devices...