40910 matches found
CVE-2026-11524 Tenda W20E Web Management modifyWifiFilterRules stack-based overflow
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
EUVD-2026-35084
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
CVE-2026-11436
A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mageai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performing a manipulation of the argument query.redirecturl results in cross site scripting. Remote...
CVE-2026-11523
The vulnerability CVE-2026-11523 affects Tenda W20E firmware version 15.11.0.6, in the Web Management Interface function formPortalAuth (file /goform/PortalAuth). Manipulating the argument gotoUrl can trigger a stack-based buffer overflow. Exploitation can be performed remotely, and a public expl...
EUVD-2026-35080
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
CVE-2026-11523 Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
CVE-2026-11523 Tenda W20E Web Management PortalAuth formPortalAuth stack-based overflow
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...
CVE-2026-11522
CVE-2026-11522 describes a stack-based buffer overflow in the Tenda W20E firmware version 15.11.0.6, specifically in the formSetPortMirror function exposed via /goform/setPortMirror. By manipulating the portMirrorMirroredPorts argument, an attacker can trigger the overflow remotely. This vulnerab...
EUVD-2026-35077
A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2026-11521
Mohammed-eid35 bank-management-system-springboot (Transaction Endpoint) has a vulnerability in TransactionController.java leading to improper authorization. A remote attacker could exploit it, and public PoCs exist per the CVE metrics. Affected version details are not provided due to rolling rele...
EUVD-2026-35070
A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...
CVE-2026-11520 SourceCodester Inventory System header.php cross site scripting
A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...
CVE-2026-11520
A weakness has been identified in SourceCodester Inventory System 1.0. Affected by this issue is some unknown functionality of the file header.php. This manipulation causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to the public and...
CVE-2026-11519
The CVE concerns SourceCodester Inventory System 1.0, affecting /Product_Inventory/api/users_handler.php in the Account Creation Handler. The ROLE parameter manipulation causes improper authorization, enabling remote exploitation. Public exploit exists. Technical details specify network attack ve...
CVE-2026-11519 SourceCodester Inventory System Account Creation users_handler.php improper authorization
A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ProductInventory/api/usershandler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in improper...
CVE-2026-11519
A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ProductInventory/api/usershandler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in improper...
CVE-2026-11519 SourceCodester Inventory System Account Creation users_handler.php improper authorization
A security flaw has been discovered in SourceCodester Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ProductInventory/api/usershandler.php of the component Account Creation Handler. The manipulation of the argument ROLE results in improper...
EUVD-2026-35068
A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...
CVE-2026-11518
A vulnerability was identified in SourceCodester Inventory System 1.0. Affected is an unknown function of the file /users.php of the component User Management Page. The manipulation of the argument fullname/username leads to cross site scripting. The attack is possible to be carried out remotely...
CVE-2026-11512
A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...