172 matches found
CVE-2025-12212
A weakness has been identified in Tenda O3 1.0.0.102478. This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the...
CVE-2025-12334 code-projects E-Commerce Website product_add.php cross site scripting
A vulnerability was found in code-projects E-Commerce Website 1.0. Affected is an unknown function of the file /pages/productadd.php. The manipulation of the argument prodname/proddesc/prodcost results in cross site scripting. It is possible to launch the attack remotely. The exploit has been mad...
CVE-2025-12241
TOTOLINK A3300R (firmware 17.0.0cu.557_B20221024) contains a stack-based buffer overflow in the POST Parameter Handler’s setLanguageCfg (parameter lang) in /cgi-bin/cstecgi.cgi. The issue allows remote code execution and remote impact with high severity (per CVE-2025-12241 descriptions across NVD...
CVE-2025-12208
SourceCodester Best House Rental Management System 1.0 is affected by a SQL injection in the login2 function of /admin_class.php, caused by improper handling of the Username argument. The vulnerability allows remote exploitation, and public proof-of-concept exploits exist. Red Hat/EUVD/NVD refere...
PT-2025-41699
Name of the Vulnerable Software and Affected Versions Simple Food Ordering System version 1.0 Description A flaw exists in Simple Food Ordering System 1.0, specifically within the /addcategory.php file. Manipulation of the cname argument can lead to SQL injection. This issue is remotely...
CVE-2025-11480
A vulnerability was detected in SourceCodester Simple E-Commerce Bookstore 1.0. The affected element is an unknown function of the file /register.php. Performing manipulation of the argument registerusername results in sql injection. The attack is possible to be carried out remotely. The exploit ...
CVE-2025-11558 code-projects E-Commerce Website user_index_search.php sql injection
A vulnerability was found in code-projects E-Commerce Website 1.0. Impacted is an unknown function of the file /pages/userindexsearch.php. Performing manipulation of the argument Search results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public a...
CVE-2025-11443
A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy. It is possible to initiate the attack remotely. The attac...
CVE-2025-11356
A vulnerability was found in Tenda AC23 up to 16.03.07.52. Affected by this issue is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and coul...
CVE-2025-11407 D-Link DI-7001 MINI upgrade_filter.asp os command injection
A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function of the file /upgradefilter.asp. This manipulation of the argument path causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could b...
PT-2025-41134
Name of the Vulnerable Software and Affected Versions SourceCodester Hotel and Lodge Management System version 1.0 Description A flaw exists in SourceCodester Hotel and Lodge Management System 1.0, specifically within the file /del room.php. Manipulation of the ID argument can lead to SQL...
EUVD-2024-47765
Malicious code in bioql PyPI...
EUVD-2025-25408
Malicious code in bioql PyPI...
EUVD-2025-31423
Malicious code in bioql PyPI...
EUVD-2025-10401
Malicious code in bioql PyPI...
EUVD-2025-24951
Malicious code in bioql PyPI...
EUVD-2025-24096
Malicious code in bioql PyPI...
EUVD-2025-29092
Malicious code in bioql PyPI...
EUVD-2025-13568
Malicious code in bioql PyPI...
EUVD-2025-25769
Malicious code in bioql PyPI...