CVE-2026-5825 code-projects Simple Laundry System delmemberinfo.php cross site scripting

A vulnerability was detected in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. The attack can be initiated remotely. The exploit is now public and ma...

PT-2026-31815

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L version 2.13B01 Description A buffer overflow issue exists in the POST Request Handler component, specifically within the formSetLog function located in the /goform/formSetLog file. Manipulation of the curTime argument can...

PT-2026-31820

Name of the Vulnerable Software and Affected Versions Zod jsVideoUrlParser versions up to 0.5.1 Description A weakness exists in Zod jsVideoUrlParser up to version 0.5.1. The issue is related to inefficient regular expression complexity caused by manipulation of the timestamp argument within the...

PT-2026-31679

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml fill of the file metagpt/actions/action node.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated...

PT-2026-31652

A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument post id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed...

PT-2026-31668

Name of the Vulnerable Software and Affected Versions Tenda CH22 version 1.0.0.6468 Description A path traversal issue exists in the httpd component, specifically within the R7WebsSecurityHandlerfunction function. This allows for remote manipulation. The exploit is publicly available...

PT-2026-31593

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU device that allows for remote operating system command injection. This is due to a flaw in the setWiFiEasyCfg function within the...

PT-2026-31584

Name of the Vulnerable Software and Affected Versions decolua 9router versions up to 0.3.47 Description A security issue exists in decolua 9router that allows an attacker to bypass authorization. The vulnerability is located in an unknown function within the /api of the Administrative API Endpoin...

PT-2026-31581

Name of the Vulnerable Software and Affected Versions PHPGurukul News Portal Project version 4.1 Description A SQL injection issue exists in PHPGurukul News Portal Project 4.1 due to improper handling of input in the /admin/add-subcategory.php file. Manipulation of the sucatdescription argument c...

PT-2026-31635

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...

PT-2026-31580

Name of the Vulnerable Software and Affected Versions PHPGurukul News Portal Project version 4.1 Description A flaw exists in PHPGurukul News Portal Project 4.1 related to SQL injection. The issue is located in the file '/admin/add-subadmins.php', where manipulation of the sadminusername argument...

PT-2026-31558

A flaw has been found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category can lead to cross site scripting. The attack can be launched remotely. The exploit has been published...

PT-2026-31723

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A vulnerability exists in the Totolink A7100RU device. The setDmzCfg function within the CGI Handler component, specifically in the /cgi-bin/cstecgi.cgi file, is susceptible to OS comma...

PT-2026-31575

Name of the Vulnerable Software and Affected Versions Online Shoe Store version 1.0 Description A cross site scripting issue exists due to the manipulation of the product name argument in the file '/admin/admin product.php'. The attack can be initiated remotely and the exploit has been publicly...

decolua 9router vulnerable to authorization bypass

A security vulnerability has been detected in decolua 9router up to 0.3.47. The impacted element is an unknown function of the file /api of the component Administrative API Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carried out remotely. The exploit has...

PT-2026-31564

Name of the Vulnerable Software and Affected Versions Tenda AC15 version 15.03.05.18 Description A stack-based buffer overflow exists in the websGetVar function of the /goform/SysToolChangePwd file. Manipulation of the oldPwd, newPwd, and cfmPwd arguments can trigger this issue. The attack can be...

VulnCheck KEV: CVE-2025-1338

A vulnerability was found in NUUO Camera up to 20250203. It has been declared as critical. This vulnerability affects the function printfile of the file /handleconfig.php. The manipulation of the argument log leads to command injection. The attack can be initiated remotely. The exploit has been...

PT-2026-31814

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L version 2.13B01 Description A buffer overflow issue exists in the POST Request Handler component of D-Link DIR-605L version 2.13B01. The issue is located in the formSetDDNS function within the /goform/formSetDDNS file...

PT-2026-31738

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in Totolink A7100RU version 7.4cu.2313 b20191024. The setWiFiBasicCfg function within the /cgi-bin/cstecgi.cgi file of the CGI Handler component is affected...

PT-2026-31741

Name of the Vulnerable Software and Affected Versions D-Link DIR-605L version 2.13B01 Description A flaw exists in the formSetMACFilter function of the /goform/formSetMACFilter file within the POST Request Handler component. Manipulation of the curTime argument can cause a buffer overflow,...