Lucene search
K

41223 matches found

Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.5 views

PT-2026-35417

A vulnerability was found in Totolink A8000RU 7.1cu.643 b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command injection. The attack can be initiated remotely. The...

10CVSS8.2AI score0.01766EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.8 views

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System contains a SQL injection vulnerability. This vulnerability arises from improper...

7.5CVSS7.1AI score0.00254EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35420

A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save category. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released ...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.13 views

PT-2026-35375

A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit has been...

9CVSS8.7AI score0.00619EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.11 views

PT-2026-35283

Name of the Vulnerable Software and Affected Versions CodePanda Source canteen management system version 1.0 Description A SQL injection allows remote attackers to manipulate the Username argument via the '/api/login.php' endpoint. SQL injection is a type of flaw that allows an attacker to...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.14 views

PT-2026-35348

A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been...

9CVSS8.6AI score0.00619EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.7 views

PT-2026-35517

A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generate favicon from url of the file src/auto favicon/server.py of the component MCP Tool. The manipulation of the argument image url results in server-side request...

6.5CVSS6AI score0.00201EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35537

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may b...

6.9CVSS5.4AI score0.00405EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.17 views

PT-2026-35355

A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php of the component Appointment Booking. The manipulation of the argument fname/lname leads to cross site scripting. The attack may be initiated...

5.3CVSS3.5AI score0.00377EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35437

A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The manipulation of the argument File results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and cou...

6.9CVSS5.2AI score0.0044EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35516

A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare kaggle dataset of the file src/kaggle mcp/server.py. The manipulation of the argument competition id leads to path traversal. The attack is possib...

7.5CVSS6.9AI score0.00411EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35410

A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possible to initiate the attack remotely. The exploit ha...

10CVSS8.2AI score0.01947EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.12 views

PT-2026-35366

A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been...

9CVSS8.7AI score0.00815EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35454

A vulnerability has been found in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The attack may be performed from remote. The exploit has...

10CVSS5.2AI score0.01766EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.4 views

PT-2026-35541

A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save product. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.6 views

PT-2026-35432

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit ha...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.10 views

PT-2026-35542

A security vulnerability has been detected in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /guestdetails. Such manipulation of the argument deleteid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.10 views

PT-2026-35377

Name of the Vulnerable Software and Affected Versions Tenda F456 version 1.0.0.5 Description A flaw in the httpd component allows a remote attack to cause a buffer overflow, which occurs when a program writes more data to a storage area than it can hold. The issue is located in the fromNatlimitof...

9CVSS7.5AI score0.00619EPSS
Exploits1References11
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.8 views

PT-2026-35395

Name of the Vulnerable Software and Affected Versions NousResearch hermes-agent version 0.8.0 Description A flaw in the Webhooks Endpoint component, specifically within the gateway/platforms/webhook.py file, allows for missing authentication. This occurs through the manipulation of the INSECURE N...

6.3CVSS6AI score0.00362EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.17 views

PT-2026-35359

A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been published and may...

6.5CVSS6.1AI score0.00201EPSS
Exploits0References6
Rows per page
Query Builder