Lucene search
K

55 matches found

NVD
NVD
added 2026/02/09 6:16 a.m.8 views

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

8.8CVSS0.03454EPSS
Exploits1References6
OSV
OSV
added 2026/02/09 6:16 a.m.7 views

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

8.8CVSS5.5AI score0.03454EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/09 6:2 a.m.6 views

CVE-2026-2218

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5CVSS6.1AI score0.03454EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2026/02/09 12:0 a.m.7 views

D-Link DCS-931L 命令注入漏洞

The D-Link DCS-931L is a wireless camera from the D-Link company. Versions of D-Link DCS-931L prior to 1.13.0 have a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter AdminID in the file /setSystemAdmin, which may lead to command injection...

7.2CVSS5.8AI score0.05351EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/02/09 12:0 a.m.8 views

PT-2026-7070

A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5CVSS5.2AI score0.03454EPSS
Exploits1References7
CNVD
CNVD
added 2025/12/10 12:0 a.m.3 views

D-Link DCS-930L Command Injection Vulnerability

D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...

8.8CVSS7.9AI score0.07402EPSS
Exploits1References1
OSV
OSV
added 2025/12/08 10:15 a.m.5 views

CVE-2025-14225

A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...

8.8CVSS5.6AI score0.07402EPSS
Exploits1References5
NVD
NVD
added 2025/12/08 10:15 a.m.5 views

CVE-2025-14225

A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...

8.8CVSS0.07402EPSS
Exploits1References5
CVE
CVE
added 2025/12/08 9:2 a.m.14 views

CVE-2025-14225

The CVE-2025-14225 entry concerns D-Link DCS-930L (firmware 1.15.04) and the alphapd component, where manipulating the AdminID parameter in /setSystemAdmin can yield remote command execution. Public disclosures exist, and the affected products are no longer supported by the maintainer. Several co...

8.8CVSS6.7AI score0.07402EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/12/08 9:2 a.m.5 views

EUVD-2025-201702

A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...

6.5CVSS6.5AI score0.07402EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2025/12/08 12:0 a.m.6 views

PT-2025-49538

Name of the Vulnerable Software and Affected Versions D-Link DCS-930L version 1.15.04 Description A flaw exists in D-Link DCS-930L version 1.15.04 that allows for remote command injection. The issue is located within the alphapd component, specifically in the /setSystemAdmin file. Manipulation of...

8.8CVSS6.5AI score0.07402EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/12/08 12:0 a.m.4 views

D-Link DCS-930L 命令注入漏洞

D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...

8.8CVSS7AI score0.07402EPSS
Exploits1References5
OSV
OSV
added 2025/06/04 6:15 a.m.7 views

CVE-2025-5571

A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been...

8.8CVSS5.6AI score0.08169EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:17 p.m.3 views

Malicious code in sap-adminid (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
NVD
NVD
added 2024/07/09 11:15 a.m.11 views

CVE-2023-38052

A BOLA vulnerability in GET, PUT, DELETE /admins/adminId allows a low privileged user to fetch, modify or delete a high privileged user admin. This results in unauthorized access and unauthorized data manipulation...

9.9CVSS0.004EPSS
Exploits0References1
CVE
CVE
added 2024/07/09 10:27 a.m.49 views

CVE-2023-38052

CVE-2023-38052 describes a BOLA vulnerability in the EasyAppointments API where GET, PUT, DELETE /admins/{adminId} endpoints permit a low-privileged user to fetch, modify, or delete a high-privileged admin, leading to unauthorized access and data manipulation. Multiple sources associate this with...

9.9CVSS8.3AI score0.004EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/05/17 7:15 p.m.5 views

CVE-2023-2773

A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...

8.8CVSS5.7AI score0.00601EPSS
Exploits0References3
Prion
Prion
added 2023/05/17 7:15 p.m.12 views

Sql injection

A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...

6.5CVSS9AI score0.00601EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2023/05/17 12:0 a.m.5 views

PT-2023-21309 · Unknown · Code-Projects Bus Dispatch/Information System

Name of the Vulnerable Software and Affected Versions: code-projects Bus Dispatch and Information System version 1.0 Description: A critical issue has been found in the code-projects Bus Dispatch and Information System, affecting an unknown functionality of the file view admin.php. The manipulati...

8.8CVSS8.3AI score0.00601EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/05/17 12:0 a.m.5 views

Bus Dispatch and Information System SQL注入漏洞

Bus Dispatch and Information System is a bus dispatch and information system. A SQL injection vulnerability exists in Bus Dispatch and Information System version 1.0, which stems from an unknown function in viewadmin.php that causes sql injection via the parameter adminid...

8.8CVSS7.1AI score0.00601EPSS
Exploits0References4
Rows per page
Query Builder