CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

999 matches found

Positive Technologies•added 2026/03/22 12:0 a.m.•6 views

PT-2026-26975

A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects an unknown function of the file /cgi-bin/login.cgi of the component POST Request Handler. Executing a manipulation of the argument homepage/hostname/login page can lead to cross site scripting. It is possible to launch the...

4.8CVSS4.1AI score0.0026EPSS

Exploits1References12

NVD•added 2026/03/16 2:19 p.m.•3 views

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

10CVSS0.02057EPSS

Exploits0References8

ATTACKERKB•added 2026/03/15 3:2 a.m.•1 views

CVE-2026-4164

10CVSS5.5AI score0.02057EPSS

Exploits0References8Affected Software1

Positive Technologies•added 2026/03/14 12:0 a.m.•4 views

PT-2026-25511

A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue affects the function SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Performing a manipulation results in command injection. It is possible to initiate the attack remotely. The exploit...

10CVSS7.1AI score0.02103EPSS

Exploits0References12

OSV•added 2026/02/22 2:16 p.m.•4 views

CVE-2026-2952

A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...

9.8CVSS5.6AI score

Exploits0References4

ATTACKERKB•added 2026/02/22 2:2 p.m.•6 views

CVE-2026-2952

7.5CVSS7.1AI score0.04519EPSS

Exploits1References4

Cvelist•added 2026/02/22 2:2 p.m.•29 views

CVE-2026-2952 Vaelsys HTTP POST Request tree_server.php os command injection

7.5CVSS0.04519EPSS

Exploits1References4

RedhatCVE•added 2026/02/22 1:25 p.m.•7 views

CVE-2026-2865

A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Product results in sql injection. The attack may be...

9.8CVSS7.2AI score0.00333EPSS

Exploits1References1

CNNVD•added 2026/02/07 12:0 a.m.•5 views

O2OA 代码问题漏洞

O2OA is an open-source enterprise application development platform developed by O2OA. Versions of O2OA 9.0.0 and earlier contained code vulnerabilities due to XML external entity references in the HTTP POST request handler...

6.5CVSS6.7AI score0.00266EPSS

Exploits1References6

Cvelist•added 2026/02/06 11:32 a.m.•26 views

CVE-2026-2017 IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow

A vulnerability was detected in IP-COM W30AP up to 1.0.0.111340. Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performe...

10CVSS0.04332EPSS

Exploits1References6

Vulnrichment•added 2026/02/06 11:32 a.m.•5 views

CVE-2026-2017 IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow

10CVSS9AI score0.04332EPSS

Exploits1References6

Cvelist•added 2026/01/26 1:32 a.m.•39 views

CVE-2026-1413 Sangfor Operation and Maintenance Security Management System HTTP POST Request port_validate portValidate command injection

A vulnerability was found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. This affects the function portValidate of the file /fort/ipandport/portvalidate of the component HTTP POST Request Handler. Performing a manipulation of the argument port results in command...

6.5CVSS0.02548EPSS

Exploits0References4

ATTACKERKB•added 2026/01/26 1:32 a.m.•5 views

CVE-2026-1413

6.5CVSS5.6AI score0.02548EPSS

Exploits0References4Affected Software1

NVD•added 2026/01/26 1:15 a.m.•3 views

CVE-2026-1412

A vulnerability has been found in Sangfor Operation and Maintenance Security Management System up to 3.0.12. The impacted element is an unknown function of the file /fort/audit/getclipimg of the component HTTP POST Request Handler. Such manipulation of the argument frame/dirno leads to command...

9.8CVSS0.0359EPSS

Exploits1References4

ATTACKERKB•added 2026/01/26 1:2 a.m.•2 views

CVE-2026-1412

7.5CVSS5.6AI score0.0359EPSS

Exploits1References4Affected Software1

RedhatCVE•added 2026/01/23 3:21 p.m.•6 views

CVE-2026-1327

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...

8.8CVSS6.4AI score0.02646EPSS

Exploits1References1

RedhatCVE•added 2026/01/23 3:21 p.m.•7 views

CVE-2026-1326

A weakness has been identified in Totolink NR1800X 9.1.0u.6279B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...

8.8CVSS6.5AI score0.03212EPSS

Exploits1References1

OSV•added 2026/01/22 3:16 p.m.•3 views

CVE-2026-1327

8.8CVSS5.7AI score0.02646EPSS

Exploits1References5

OSV•added 2026/01/22 3:16 p.m.•7 views

CVE-2026-1326

8.8CVSS5.7AI score0.03212EPSS

Exploits1References5

NVD•added 2026/01/22 3:16 p.m.•4 views

CVE-2026-1327