Lucene search
K

58 matches found

CVE
CVE
added 2026/04/05 10:45 a.m.15 views

CVE-2026-5561

CVE-2026-5561 affects Campcodes Complete POS Management and Inventory System up to v4.0.6. The vulnerability targets the Environment Variable Handler inside app/Http/Controllers/SettingsController.php, where an input manipulation can cause injection. The attack is remotely executable and the expl...

6.5CVSS6.3AI score0.00291EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/05 10:45 a.m.5 views

CVE-2026-5561

A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the component Environment Variable Handler. Executing a manipulation can lead to injection. It is...

6.5CVSS6.3AI score0.00291EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.7 views

PT-2026-30431

A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the component Environment Variable Handler. Executing a manipulation can lead to injection. It is...

6.5CVSS6.3AI score0.00291EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/03 9:0 a.m.9 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS3.5AI score0.00242EPSS
Exploits1References1
NVD
NVD
added 2026/01/02 9:15 a.m.3 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS0.00242EPSS
Exploits1References8
OSV
OSV
added 2026/01/02 9:15 a.m.6 views

CVE-2025-15437

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.4CVSS3.5AI score
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/01/02 8:32 a.m.4 views

CVE-2025-15437 LigeroSmart Environment Variable cross site scripting

A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing a manipulation of the argument REQUESTURI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could...

5.1CVSS3.5AI score0.00242EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/01/02 12:0 a.m.5 views

PT-2026-1060

Name of the Vulnerable Software and Affected Versions LigeroSmart versions up to 6.1.24 Description A flaw exists in the Environment Variable Handler component of LigeroSmart. Manipulation of the REQUEST URI argument can lead to cross-site scripting. The issue may be exploited remotely. The explo...

5.1CVSS5.6AI score0.00242EPSS
Exploits1References12
CNNVD
CNNVD
added 2026/01/02 12:0 a.m.3 views

LigeroSmart 代码注入漏洞

LigeroSmart is a management platform for LigeroSmart open source. A code injection vulnerability exists in LigeroSmart versions 6.1.24 and earlier, which stems from the incorrect manipulation of the parameter REQUESTURI in the component Environment Variable Handler, and could lead to a cross-site...

5.4CVSS4.7AI score0.00242EPSS
Exploits1References8
NVD
NVD
added 2026/01/01 11:15 p.m.5 views

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

5.4CVSS0.00224EPSS
Exploits1References4
OSV
OSV
added 2026/01/01 11:15 p.m.4 views

CVE-2025-15416

A vulnerability was found in xnx3 wangmarket up to 6.4. This affects an unknown function of the file /siteVar/save.do of the component Add Global Variable Handler. The manipulation of the argument Remark/Variable Value results in cross site scripting. The attack can be executed remotely. The...

5.4CVSS5.6AI score
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-25253

Malicious code in bioql PyPI...

7.8CVSS5.6AI score0.01336EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29841

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.07359EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-23467

Malicious code in bioql PyPI...

5.5CVSS4.6AI score0.00366EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/09/20 1:57 a.m.16 views

CVE-2025-10634

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminaladdr/serverip/serverport causes command injection. The atta...

8.8CVSS6.5AI score0.07359EPSS
Exploits1References1
OSV
OSV
added 2025/09/18 2:15 a.m.4 views

CVE-2025-10634

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminaladdr/serverip/serverport causes command injection. The atta...

8.8CVSS5.6AI score0.07359EPSS
Exploits1References6
NVD
NVD
added 2025/09/18 2:15 a.m.4 views

CVE-2025-10634

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminaladdr/serverip/serverport causes command injection. The atta...

8.8CVSS0.07359EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/09/18 1:2 a.m.4 views

CVE-2025-10634 D-Link DIR-823X Environment Variable goahead sub_412E7C command injection

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminaladdr/serverip/serverport causes command injection. The atta...

6.5CVSS6.5AI score0.07359EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/09/18 1:2 a.m.8 views

CVE-2025-10634 D-Link DIR-823X Environment Variable goahead sub_412E7C command injection

A weakness has been identified in D-Link DIR-823X 240126/240802/250416. The impacted element is the function sub412E7C of the file /usr/sbin/goahead of the component Environment Variable Handler. This manipulation of the argument terminaladdr/serverip/serverport causes command injection. The atta...

6.5CVSS0.07359EPSS
Exploits1References6
CVE
CVE
added 2025/09/18 1:2 a.m.21 views

CVE-2025-10634

CVE-2025-10634 affects D-Link DIR-823X routers (versions 240126, 240802, 250416). The issue is in the Environment Variable Handler’s /usr/sbin/goahead component, specifically function sub_412E7C, where manipulating arguments terminal_addr/server_ip/server_port enables remote command injection. Th...

8.8CVSS6.5AI score0.07359EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder