CVE-2022-3547

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /csms/admin/?page=systeminfo of the component Setting Handler. The manipulation of the argument System Name/System Short Name lead...

CVE-2019-25093

A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthreadlistthreads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthreadforumskip leads ...

CVE-2025-3801

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to...

one-api Cross-site Scripting vulnerability

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content leads to cross site scripting. It is possible to initiate the attack...

CVE-2025-3801 songquanpeng one-api System Setting cross site scripting

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. It is possible to...

PT-2025-17378 · Unknown · Songquanpeng One-Api

Name of the Vulnerable Software and Affected Versions: songquanpeng one-api versions up to 0.6.10 Description: A vulnerability was found in the System Setting Handler component, allowing for cross-site scripting through the manipulation of the Homepage Content argument. This issue can be exploite...

CVE-2025-3563

A vulnerability was found in WuzhiCMS 4.1. It has been rated as critical. Affected by this issue is the function Set of the file /index.php?m=attachment=index&su=wuzhicms=set=1 of the component Setting Handler. The manipulation of the argument Setting leads to code injection. The attack may be...

CVE-2025-3563 WuzhiCMS Setting index.php set code injection

A vulnerability was found in WuzhiCMS 4.1. It has been rated as critical. Affected by this issue is the function Set of the file /index.php?m=attachment&f=index&su=wuzhicms&v=set&submit=1 of the component Setting Handler. The manipulation of the argument Setting leads to code injection. The attac...

CVE-2025-3563 WuzhiCMS Setting index.php set code injection

A vulnerability was found in WuzhiCMS 4.1. It has been rated as critical. Affected by this issue is the function Set of the file /index.php?m=attachment&f=index&su=wuzhicms&v=set&submit=1 of the component Setting Handler. The manipulation of the argument Setting leads to code injection. The attac...

PT-2025-16214 · Wuzhicms · Wuzhi Cms

Name of the Vulnerable Software and Affected Versions: WuzhiCMS version 4.1 Description: A critical issue was found in the Setting Handler component, specifically in the function Set of the file /index.php?m=attachment&f=index& su=wuzhicms&v=set&submit=1. The manipulation of the Setting argument...

CVE-2025-1882

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

CVE-2025-1882

A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done withi...

The vulnerability in the form2Dhcpd.cgi script of the DHCPD Setting Handler component of the D-Link DIR-816 A2 router’s microprogramming system allows a attacker to compromise the integrity of the protected information.

The vulnerability of the form2Dhcpd.cgi script within the DHCPD Setting Handler component of the D-Link DIR-816 A2 router’s microprogramming system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the protecte...

PT-2025-6884 · Pmweb · Pmweb

Name of the Vulnerable Software and Affected Versions: PMWeb version 7.2.0 Description: A problem has been detected in the Setting Handler component, leading to weak password requirements. The attack can be initiated remotely and has a high complexity, making exploitation difficult. The exploit h...

CVE-2024-13105

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. The attac...

CVE-2024-13105 D-Link DIR-816 A2 DHCPD Setting form2Dhcpd.cgi access control

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/form2Dhcpd.cgi of the component DHCPD Setting Handler. The manipulation leads to improper access controls. The attac...

CVE-2024-13105

The CVE-2024-13105 entry affects D-Link DIR-816 A2, specifically the DHCPD Setting Handler in /goform/form2Dhcpd.cgi. Affects version 1.10CNB05_R1B011D88210. Root cause is improper access controls on the DHCPD component, enabling a remote attacker to manipulate DHCP settings. In public sources, t...

PT-2025-2004 · D Link · D-Link Dir-816

Name of the Vulnerable Software and Affected Versions: D-Link DIR-816 A2 version 1.10CNB05 R1B011D88210 Description: A critical issue has been found in the DHCPD Setting Handler component, specifically affecting an unknown functionality of the file /goform/form2Dhcpd.cgi. This issue leads to...

CVE-2024-12001

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to...

CVE-2024-12001

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to cross site scripting. It is possible to...