1200 matches found
CVE-2026-27326
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air...
WordPress plugin AC Services 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
WordPress AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme theme <= 1.2.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme versions = 1.2.5...
CVE-2026-24105
An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18multi. The value of v1 was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd...
Time Stepped Cyber Physical Simulation of DoS, DoD, and FDI Attacks on the IEEE 14 Bus System
Reliable grid operation depends on accurate and timely telemetry, making modern power systems vulnerable to communication layer cyberattacks. This paper evaluates how Denial of Service DoS, Denial of Data DoD, and False Data Injection FDI attacks disrupt the IEEE 14 bus system using a MATLAB only...
CVE-2026-2129
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...
Tenda AC8 安全漏洞
The Tenda AC8 is a wireless router produced by the Chinese company Tenda. The version 16.03.33.05 of the Tenda AC8 has a security vulnerability. This vulnerability stems from incorrect handling of the shareSpeed parameter in the goform/WifiGuestSet file within the httpd component, which may lead ...
CVE-2026-2129
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...
CVE-2026-2129
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...
EUVD-2026-5819
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...
CVE-2026-2129 D-Link DIR-823X set_ac_status os command injection
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...
CVE-2026-2129 D-Link DIR-823X set_ac_status os command injection
A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...
D-Link DIR-823X 操作系统命令注入漏洞
The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations on parameters such as acipaddr, acipstatus, and aprandtime in the...
PT-2026-6943
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X version 250416 related to the processing of input for the file /goform/set ac status. Manipulation of the ac ipaddr, ac ipstatus, and ap randtime arguments can lead to...
CVE-2026-2063
A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...
CVE-2026-2063
A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...
CVE-2026-2063 D-Link DIR-823X Web Management set_ac_server os command injection
A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...
EUVD-2026-5598
A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...
CVE-2026-2063 D-Link DIR-823X Web Management set_ac_server os command injection
A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...
Malicious code in ac-element-engagement (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 781104558212062e46f87c009a2a0af57fb00f707c878b53dfc5a7c241cce06b The package ac-element-engagement was found to contain malicious code. Source: ossf-package-analysis...