CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/26 8:14 p.m.•9 views

CVE-2026-9363

A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. Remote exploitation of the attack ...

6.5CVSS6.4AI score0.01158EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•12 views

CVE-2026-9297

A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated remotely. The...

6.5CVSS6.4AI score0.01398EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•14 views

CVE-2026-9296

A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument...

6.5CVSS6.4AI score0.01158EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•10 views

CVE-2026-9403

A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The...

9CVSS7.7AI score0.00445EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•12 views

CVE-2026-33137

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform is a generic wiki platform. In versions starting with 15.10.6 and prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17, the POST /wikis/wikiName API executes a XAR import without...

9.3CVSS5.7AI score0.00594EPSS

Exploits1References1

OSV•added 2026/05/26 6:58 p.m.•10 views

GHSA-QRVH-R3F2-9H4R XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName}

Impact POST /wikis/wikiName executes a XAR import without performing any authentication or authorization checks, allowing an unauthenticated attacker to create or update documents in the target wiki Patches This vulnerability has been patched in XWiki 16.10.17, 17.4.9, 17.10.3, 18.0.1 and...

9.3CVSS5.8AI score0.00594EPSS

Exploits1References5

EUVD•added 2026/05/25 2:15 p.m.•10 views

EUVD-2018-21903

Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can inject malicious SQL code via the filtertypeid, filterpidid, and filtersearch parameters in POST reques...

7.1CVSS6.1AI score0.00284EPSS

ATTACKERKB•added 2026/05/25 2:15 p.m.•13 views

CVE-2018-25381

7.1CVSS6.1AI score0.00284EPSS

Exploits0References4Affected Software1

Cvelist•added 2026/05/25 2:15 p.m.•23 views

CVE-2018-25381 Joomla Responsive Portfolio 1.6.1 SQL Injection via filter parameters

7.1CVSS0.00284EPSS

NVD•added 2026/05/25 10:16 a.m.•14 views

CVE-2026-9443

A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated...

9CVSS0.00589EPSS

EUVD•added 2026/05/25 8:45 a.m.•13 views

EUVD-2026-31655

Vulnrichment•added 2026/05/25 8:45 a.m.•7 views

CVE-2026-9443 Edimax BR-6478AC POST Request formL2TPSetup buffer overflow

CVE•added 2026/05/25 8:45 a.m.•18 views

CVE-2026-9443

The CVE-2026-9443 vulnerability affects Edimax BR-6478AC 1.23, specifically the POST Request Handler’s formL2TPSetup function. Buffer overflow is triggered via manipulating the L2TPUserName argument in /goform/formL2TPSetup. Attack surface is network-exposed and low privileges are required, with ...

Cvelist•added 2026/05/25 8:30 a.m.•35 views

CVE-2026-9442 Edimax BR-6478AC POST Request formiNICSiteSurvey buffer overflow

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

9CVSS0.00589EPSS

Vulnrichment•added 2026/05/25 8:30 a.m.•8 views

CVE-2026-9442 Edimax BR-6478AC POST Request formiNICSiteSurvey buffer overflow

NVD•added 2026/05/25 8:16 a.m.•21 views

CVE-2026-9440

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to launch the attack...

6.5CVSS0.01364EPSS

Cvelist•added 2026/05/25 8:15 a.m.•37 views

CVE-2026-9441 Edimax BR-6478AC POST Request formiNICbasic command injection

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated...

6.5CVSS0.0135EPSS

Vulnrichment•added 2026/05/25 8:15 a.m.•8 views

CVE-2026-9441 Edimax BR-6478AC POST Request formiNICbasic command injection

6.5CVSS6.4AI score0.0135EPSS

CVE•added 2026/05/25 8:15 a.m.•21 views

CVE-2026-9441

CVE-2026-9441 affects Edimax BR-6478AC running firmware 1.23. The vulnerability is in the POST Request Handler’s formiNICbasic function located in /goform/formiNICbasic. Manipulating the rootAPmac argument results in a command injection, enabling remote code execution. The exploit has been releas...

6.5CVSS6.4AI score0.0135EPSS