41223 matches found
CVE-2026-7057
The CVE-2026-7057 affects Tenda F456 (firmware 1.0.0.5). The vulnerability is in the httpd component, specifically the /goform/setcfm handler, where manipulating the arguments funcname/funcpara1 leads to a buffer overflow. This could permit a remote attacker to exploit the flaw, and published exp...
CVE-2026-7056 Tenda F456 httpd SafeUrlFilter fromSafeUrlFilter buffer overflow
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...
EUVD-2026-25726
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...
CVE-2026-7056
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...
CVE-2026-7056
Affected product: Tenda F456 (firmware 1.0.0.5). Vulnerable component: httpd, function fromSafeUrlFilter in /goform/SafeUrlFilter. Issue: manipulation of the argument page leads to a buffer overflow. Exploitability: remote, with public exploit available. Impact: high-severity across confidentiali...
CVE-2026-7055 Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The...
CVE-2026-7055 Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The...
CVE-2026-7054
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-7054 Tenda F456 httpd PPTPDClient fromPptpUserAdd buffer overflow
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-7054 Tenda F456 httpd PPTPDClient fromPptpUserAdd buffer overflow
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...
EUVD-2026-25724
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...
CVE-2026-7054
CVE-2026-7054 affects Tenda F456 1.0.0.5. The vulnerability is in httpd, function fromPptpUserAdd of /goform/PPTPDClient, where manipulating the opttype/username argument causes a buffer overflow. It is exploitable remotely and a public exploit exists. Metrics indicate a high-severity impact (CVS...
EUVD-2026-25723
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-7045 baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection
A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...
CVE-2026-7044
CVE-2026-7044 affects GreenCMS up to version 2.3. The vulnerability is in the function themeadd of /index.php?m=admin&c=custom&a=themeadd, enabling an unrestricted file upload. It can be exploited remotely, and the exploit has been made public. The entry notes that only products no longer support...
CVE-2026-7044 GreenCMS index.php themeadd unrestricted upload
A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...
CVE-2026-7044
A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...
CVE-2026-7044 GreenCMS index.php themeadd unrestricted upload
A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...
EUVD-2026-25721
A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...
CVE-2026-7043
Affected product/versions: GreenCMS up to 2.3. Vulnerability surface: function pluginAddLocal in /index.php?m=admin&c=custom&a=pluginadd enables unrestricted upload. Impact (as stated): unrestricted upload capability; remote initiation possible. Exploit status: exploit has been disclosed to the p...