55 matches found
CVE-2026-2218
A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2026-2218
A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...
CVE-2026-2218
A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...
D-Link DCS-931L 命令注入漏洞
The D-Link DCS-931L is a wireless camera from the D-Link company. Versions of D-Link DCS-931L prior to 1.13.0 have a command injection vulnerability. This vulnerability stems from incorrect operations with the parameter AdminID in the file /setSystemAdmin, which may lead to command injection...
PT-2026-7070
A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...
D-Link DCS-930L Command Injection Vulnerability
D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...
CVE-2025-14225
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...
CVE-2025-14225
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...
CVE-2025-14225
The CVE-2025-14225 entry concerns D-Link DCS-930L (firmware 1.15.04) and the alphapd component, where manipulating the AdminID parameter in /setSystemAdmin can yield remote command execution. Public disclosures exist, and the affected products are no longer supported by the maintainer. Several co...
EUVD-2025-201702
A vulnerability was determined in D-Link DCS-930L 1.15.04. This affects an unknown part of the file /setSystemAdmin of the component alphapd. Executing manipulation of the argument AdminID can lead to command injection. The attack can be executed remotely. The exploit has been publicly disclosed...
PT-2025-49538
Name of the Vulnerable Software and Affected Versions D-Link DCS-930L version 1.15.04 Description A flaw exists in D-Link DCS-930L version 1.15.04 that allows for remote command injection. The issue is located within the alphapd component, specifically in the /setSystemAdmin file. Manipulation of...
D-Link DCS-930L 命令注入漏洞
D-Link DCS-930L is a network camera from China AUO D-Link. The D-Link DCS-930L suffers from a command injection vulnerability that stems from the failure to properly filter construct command special characters, commands, etc. in the parameter AdminID in the file /setSystemAdmin. An attacker can...
CVE-2025-5571
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. Affected is the function setSystemAdmin of the file /setSystemAdmin. The manipulation of the argument AdminID leads to os command injection. It is possible to launch the attack remotely. The exploit has been...
Malicious code in sap-adminid (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-38052
A BOLA vulnerability in GET, PUT, DELETE /admins/adminId allows a low privileged user to fetch, modify or delete a high privileged user admin. This results in unauthorized access and unauthorized data manipulation...
CVE-2023-38052
CVE-2023-38052 describes a BOLA vulnerability in the EasyAppointments API where GET, PUT, DELETE /admins/{adminId} endpoints permit a low-privileged user to fetch, modify, or delete a high-privileged admin, leading to unauthorized access and data manipulation. Multiple sources associate this with...
CVE-2023-2773
A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...
Sql injection
A vulnerability has been found in code-projects Bus Dispatch and Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file viewadmin.php. The manipulation of the argument adminid leads to sql injection. The attack can be launched...
PT-2023-21309 · Unknown · Code-Projects Bus Dispatch/Information System
Name of the Vulnerable Software and Affected Versions: code-projects Bus Dispatch and Information System version 1.0 Description: A critical issue has been found in the code-projects Bus Dispatch and Information System, affecting an unknown functionality of the file view admin.php. The manipulati...
Bus Dispatch and Information System SQL注入漏洞
Bus Dispatch and Information System is a bus dispatch and information system. A SQL injection vulnerability exists in Bus Dispatch and Information System version 1.0, which stems from an unknown function in viewadmin.php that causes sql injection via the parameter adminid...