40951 matches found
PT-2026-43012
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643 b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...
PT-2026-43089
A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirm logged in of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...
PT-2026-43039
A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.ts. Such manipulation leads to os command injection. The attack can be launched remotely. The...
PT-2026-43015
A flaw has been found in Totolink A8000RU 7.1cu.643 b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...
PT-2026-43086
A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRST NAME results in cross site scripting. The attack can be initiated remotely...
PT-2026-43102
A flaw has been found in Edimax EW-7438RPn 1.31. This affects the function formStats of the file /goform/formStats. This manipulation of the argument submit-url causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was...
PT-2026-43114
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...
PT-2026-43087
A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download markdown/list downloaded files/create subdirectory of the file src/index.ts. Executing a manipulation can lead to path traversal. The attack can be launched remotel...
PT-2026-43031
A vulnerability has been found in SourceCodester Simple POS and Inventory System 1.0. The affected element is an unknown function of the file /admin/edit customer.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed ...
Code-Projects Employee Management System SQL注入漏洞
Code-Projects Employee Management System is a Code-Projects open source employee management system . Code-Projects Employee Management System version 1.0 suffers from a SQL injection vulnerability that originates from the manipulation of an unknown function in the /changepassemp.php file, which...
PT-2026-43103
A vulnerability was found in SourceCodester Student Grades Management System 1.0. Affected is an unknown function of the file grades.php. Performing a manipulation of the argument student id results in improper authorization. The attack may be initiated remotely. The exploit has been made public...
PT-2026-43091
A vulnerability was identified in Totolink A8000RU 7.1cu.643 b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be...
PT-2026-43011
A weakness has been identified in Totolink A8000RU 7.1cu.643 b20200521. This issue affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument enable causes os command injection. The attack may be initiated...
CVE-2026-9407 Totolink A8000RU Web Management cstecgi.cgi setFirewallType os command injection
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument firewallType leads to os command injection...
CVE-2026-9406 Totolink A8000RU Web Management cstecgi.cgi setRemoteCfg os command injection
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
CVE-2026-9406
Totolink A8000RU Web Management (7.1cu.643_b20200521) is affected by CVE-2026-9406 due to a flaw in the setRemoteCfg function in /cgi-bin/cstecgi.cgi. Manipulation of the enable argument allows os command injection, with remote access. The CVE is supported by public exploit availability and PoC m...
CVE-2026-9406 Totolink A8000RU Web Management cstecgi.cgi setRemoteCfg os command injection
A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...
CVE-2026-9401
A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit...
CVE-2026-9400
A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...
CVE-2026-9404
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. Th...