CVE-2025-5735

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack may be...

CVE-2025-5734

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The atta...

CVE-2025-5734

TOTOLINK X15 v1.0.0-B20230714.1105 is affected by a buffer overflow in the HTTP POST Request Handler, specifically in /boafrm/formWlanRedirect where input in the redirect-url argument can be manipulated to overflow a buffer. Exploitation can be remote and public exploit details exist. The reporte...

CVE-2025-5734 TOTOLINK X15 HTTP POST Request formWlanRedirect buffer overflow

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer overflow. The atta...

PT-2025-24312 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been identified, affecting an unknown function of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation of the submit-url argument lea...

PT-2025-24342

Name of the Vulnerable Software and Affected Versions Tenda AC9 version 15.03.02.13 Description A critical issue affects the function formSetIptv of the file /goform/SetIPTVCfg in the component POST Request Handler. The manipulation of the argument list leads to command injection. The attack may ...

PT-2025-24385 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, affecting the formsetschedled function of the file /goform/SetLEDCf in the HTTP POST Request Handler component. The manipulation of...

PT-2025-24317 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue has been discovered, affecting the HTTP POST Request Handler component, specifically the /boafrm/formPortFw file. The manipulation of the service type argument leads to a...

PT-2025-24383 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, specifically affecting the formSetPPTPUserList function of the /goform/setPptpUserList file in the HTTP POST Request Handler...

PT-2025-24313 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /boafrm/formWsc. The manipulation of the submit-url argument leads to a buffer overflow. Th...

PT-2025-24603 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T versions 4.1.2cu.5232 B20210713 and earlier Description: A critical issue was found in the HTTP POST Request Handler component, affecting an unknown function of the file /boafrm/formReflashClientTbl. The manipulation leads to...

CVE-2025-5672

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

CVE-2025-5671

A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possib...

PT-2025-24051 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK X15, affecting the file /boafrm/formWlanRedirect. The manipulation of the redirect-url...

PT-2025-24061 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue affects some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the submit-url argument leads to buffer...

PT-2025-23946 · Totolink · Totolink N302R Plus

Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical vulnerability was found in the HTTP POST Request Handler component of TOTOLINK N302R Plus. The issue affects an unknown function of the file /boafrm/formPortFw. The...

PT-2025-23947 · Totolink · Totolink N302R Plus

Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically in the unknown functionality of the file /boafrm/formFilter. The manipulation of the url...

CVE-2025-5408

A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410240222 and classified as critical. Affected by this issue is the function syslogin of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The...

CVE-2025-0339

A vulnerability classified as problematic has been found in code-projects Online Bike Rental 1.0. Affected is an unknown function of the file /vehical-details.php of the component HTTP GET Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotel...

CVE-2024-9277

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...