CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/25 9:0 a.m.•8 views

CVE-2026-9444 SourceCodester Simple POS and Inventory System GET Parameter deleteproduct.php delete sql injection

A vulnerability was detected in SourceCodester Simple POS and Inventory System 1.0. This issue affects the function delete of the file /admin/deleteproduct.php of the component GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack may be launched remotely...

5.8CVSS5.7AI score0.00258EPSS

Cvelist•added 2026/05/25 9:0 a.m.•35 views

CVE-2026-9444 SourceCodester Simple POS and Inventory System GET Parameter deleteproduct.php delete sql injection

5.8CVSS0.00258EPSS

CVE•added 2026/05/25 9:0 a.m.•20 views

CVE-2026-9444

SourceCodester Simple POS and Inventory System 1.0 is affected in /admin/deleteproduct.php (GET Parameter Handler). The vulnerability occurs when the ID argument is manipulated, resulting in SQL injection. The issue may be exploited remotely and the exploit is public. No additional technical deta...

5.8CVSS5.7AI score0.00258EPSS

Vulnrichment•added 2026/05/25 8:45 a.m.•7 views

CVE-2026-9443 Edimax BR-6478AC POST Request formL2TPSetup buffer overflow

A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated...

Cvelist•added 2026/05/25 8:45 a.m.•35 views

CVE-2026-9443 Edimax BR-6478AC POST Request formL2TPSetup buffer overflow

9CVSS0.00589EPSS

Vulnrichment•added 2026/05/25 8:30 a.m.•8 views

CVE-2026-9442 Edimax BR-6478AC POST Request formiNICSiteSurvey buffer overflow

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipulation of the argument selSSID can lead to buffer overflow. The attack can be launched remotely. Th...

ATTACKERKB•added 2026/05/25 8:30 a.m.•8 views

CVE-2026-9442

Exploits0References4Affected Software1

CVE•added 2026/05/25 8:30 a.m.•18 views

CVE-2026-9442

CVE-2026-9442 affects Edimax BR-6478AC devices running version 1.23, impacting the POST request handler function /goform/formiNICSiteSurvey. The vulnerability arises from a manipulation of the argument selSSID in formiNICSiteSurvey, leading to a buffer overflow. Exploitation is described as remot...

NVD•added 2026/05/25 8:16 a.m.•14 views

CVE-2026-9437

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS0.01364EPSS

NVD•added 2026/05/25 8:16 a.m.•11 views

CVE-2026-9438

A vulnerability was found in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file courseDel.php. The manipulation of the argument ID results in improper control of resource identifiers. The attack may be performed from...

5.5CVSS0.00324EPSS

Cvelist•added 2026/05/25 8:15 a.m.•36 views

CVE-2026-9441 Edimax BR-6478AC POST Request formiNICbasic command injection

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated...

6.5CVSS0.0135EPSS

EUVD•added 2026/05/25 8:15 a.m.•12 views

EUVD-2026-31652

6.5CVSS6.4AI score0.0135EPSS

EUVD•added 2026/05/25 8:0 a.m.•13 views

EUVD-2026-31651

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulation of the argument submit-url leads to command injection. It is possible to launch the attack...

6.5CVSS6.5AI score0.01364EPSS

EUVD•added 2026/05/25 7:30 a.m.•14 views

EUVD-2026-31647

5.5CVSS5.7AI score0.00324EPSS

Vulnrichment•added 2026/05/25 7:30 a.m.•6 views

CVE-2026-9438 yashpokharna2555 StudentManagementSystem courseDel.php resource injection

5.5CVSS5.7AI score0.00324EPSS

Cvelist•added 2026/05/25 7:30 a.m.•38 views

CVE-2026-9438 yashpokharna2555 StudentManagementSystem courseDel.php resource injection

5.5CVSS0.00324EPSS

NVD•added 2026/05/25 7:16 a.m.•9 views

CVE-2026-9428

A vulnerability has been found in Tenda F1202 1.2.0.20408. Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the...

9CVSS0.00579EPSS

NVD•added 2026/05/25 7:16 a.m.•9 views

CVE-2026-9431

A vulnerability was identified in Tenda F1202 1.2.0.20408. This affects the function fromPptpUserAdd of the file /goform/PptpUserAdd. The manipulation of the argument opttype leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be...

9CVSS0.00438EPSS

NVD•added 2026/05/25 7:16 a.m.•11 views

CVE-2026-9432

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument bgProtection results in os command injection. The...

10CVSS0.01732EPSS