CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/04/27 8:45 a.m.•5 views

CVE-2026-7107 code-projects Invoice System in Laravel company unrestricted upload

A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been made availabl...

6.5CVSS6.3AI score0.00201EPSS

EUVD•added 2026/04/27 8:30 a.m.•3 views

EUVD-2026-25803

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file updateuser.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...

6.3CVSS4.5AI score0.00188EPSS

ATTACKERKB•added 2026/04/27 8:30 a.m.•4 views

CVE-2026-7103

6.3CVSS4.6AI score0.00188EPSS

Exploits0References6Affected Software1

CVE•added 2026/04/27 8:30 a.m.•14 views

CVE-2026-7103

Code-projects Chat System 1.0 is affected by CVE-2026-7103. The flaw is in the MD5 Hash Handler, specifically the update_user.php file, where manipulating the Password argument can cause the system to use a weak hash. It is described as remotely exploitable with high attack complexity and difficu...

6.3CVSS4.4AI score0.00188EPSS

CVE•added 2026/04/27 8:15 a.m.•11 views

CVE-2026-7102

CVE-2026-7102 affects Tenda F456 firmware 1.0.0.5, specifically the httpd component’s FromWriteFacMac function in /goform/WriteFacMac. The vulnerability arises from manipulating the mac argument, leading to command injection. The issue can be exploited remotely, and public exploits exist. Details...

8.8CVSS6.4AI score0.03024EPSS

Vulnrichment•added 2026/04/27 8:15 a.m.•6 views

CVE-2026-7102 Tenda F456 httpd WriteFacMac FromWriteFacMac command injection

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

6.5CVSS6.3AI score0.03024EPSS

ATTACKERKB•added 2026/04/27 8:15 a.m.•5 views

CVE-2026-7102

6.5CVSS5.2AI score0.03024EPSS

Cvelist•added 2026/04/27 7:45 a.m.•26 views

CVE-2026-7100 Tenda F456 httpd Natlimit fromNatlimitof buffer overflow

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS0.00619EPSS

CVE•added 2026/04/27 7:45 a.m.•8 views

CVE-2026-7100

CVE-2026-7100 affects Tenda F456 1.0.0.5. The vulnerable element is the function fromNatlimitof in the file /goform/Natlimit of the httpd component. Exploitation via remote manipulation can cause a buffer overflow with high impact on confidentiality, integrity, and availability. The vulnerability...

9CVSS8.6AI score0.00619EPSS

EUVD•added 2026/04/27 7:45 a.m.•6 views

EUVD-2026-25800

9CVSS5.9AI score0.00619EPSS

Vulnrichment•added 2026/04/27 7:30 a.m.•1 views

CVE-2026-7099 Tenda F456 httpd QuickIndex formQuickIndex buffer overflow

A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argument mitlinktype results in buffer overflow. The attack may be initiated remotely. The exploit is now...

9CVSS8.8AI score0.00632EPSS

ATTACKERKB•added 2026/04/27 7:30 a.m.•3 views

CVE-2026-7099

9CVSS5.9AI score0.00632EPSS

Cvelist•added 2026/04/27 7:30 a.m.•34 views

CVE-2026-7099 Tenda F456 httpd QuickIndex formQuickIndex buffer overflow

9CVSS0.00632EPSS

NVD•added 2026/04/27 7:16 a.m.•6 views

CVE-2026-7093

A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/ of the component Invoice Endpoint. Performing a manipulation of the argument ID results in improper authorization. The attack is possible to b...

6.5CVSS0.00201EPSS

CVE•added 2026/04/27 7:15 a.m.•10 views

CVE-2026-7098

CVE-2026-7098 affects Tenda F456 1.0.0.5. In the httpd component, the function fromDhcpListClient in /goform/DhcpListClient is vulnerable to a buffer overflow caused by manipulation of the page argument. The issue can be exploited remotely, and public exploits have been disclosed. Metrics indicat...

9CVSS8.7AI score0.00619EPSS

Cvelist•added 2026/04/27 7:15 a.m.•28 views

CVE-2026-7098 Tenda F456 httpd DhcpListClient fromDhcpListClient buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit has been...

9CVSS0.00619EPSS

ATTACKERKB•added 2026/04/27 7:15 a.m.•5 views

CVE-2026-7098

9CVSS6AI score0.00619EPSS

Vulnrichment•added 2026/04/27 7:0 a.m.•6 views

CVE-2026-7097 Tenda F456 httpd webExcptypemanFilter fromwebExcptypemanFilter buffer overflow

A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been...

9CVSS8.6AI score0.00815EPSS

CVE•added 2026/04/27 7:0 a.m.•18 views

CVE-2026-7097

The CVE affects Tenda F456 1.0.0.5, specifically the httpd component’s /goform/webExcptypemanFilter function fromwebExcptypemanFilter. The issue is a buffer overflow caused by manipulation of the argument page, with a remote attack vector and public exploit availability. CVSS data from VulDB indi...

9CVSS8.7AI score0.00815EPSS