146762 matches found
CVE-2026-9359 Edimax EW-7438RPn POST Request formHwSet command injection
A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument...
Invincibility
CVE POC Collection Validated Proof-of-Concept exploits for CV...
CVE-2026-3515 Argument Injection in prefecthq/prefect
A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...
EUVD-2026-31563
A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...
CVE-2026-3515
A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...
CVE-2026-3515 Argument Injection in prefecthq/prefect
A vulnerability in the GitHubRepository block of the prefect-github integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the reference field. The reference field is concatenated directly into a git clone command string without proper...
EUVD-2026-31560
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...
CVE-2026-9350 NousResearch hermes-agent Batch Runner approval.py check_all_command_guards authorization
A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function checkallcommandguards of the file tools/approval.py of the component Batch Runner. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit is publicly...
CVE-2026-9347
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
CVE-2026-9347 Edimax EW-7438RPn webs formWizSurvey os command injection
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
CVE-2026-9347
Edimax EW-7438RPn (firmware up to 1.31) is affected by a vulnerability in the webs component, specifically the function formWizSurvey in /goform/formWizSurvey. The issue arises from manipulation of the ip/mask/gateway arguments, resulting in OS command injection. The vulnerability can be triggere...
CVE-2026-9347
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
EUVD-2026-31558
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...
Database-Exploitation-Manual
🛡️ SecDB Auditor - Database Security Compiling Suite & Manual...
CLSA-2026-1779582830 vim: Fix of CVE-2026-46483
CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...
PT-2026-42919
Name of the Vulnerable Software and Affected Versions Edimax EW-7438RPn version 1.12 Description A command injection flaw exists in the POST Request Handler component. A remote attacker can trigger this issue by manipulating the submit-url argument within the formAccept function of the...
PT-2026-42976
Name of the Vulnerable Software and Affected Versions Totolink A8000RU version 7.1cu.643 b20200521 Description An OS command injection flaw exists in the Web Management Interface. The issue occurs within the setGameSpeedCfg function of the '/cgi-bin/cstecgi.cgi' endpoint. Remote exploitation is...
PT-2026-42920
A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument max Conn/timeOut leads to command injection. The attack...
Edimax BR-6675nD 命令注入漏洞
The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. Version 1.12 of the Edimax BR-6675nD contains a command injection vulnerability. This vulnerability stems from the formUSBStorage function in the POST Request Handler component, specifically the...
PT-2026-42902
A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mask/gateway leads to os command injection. It is possible to initiate the attack remotely. The explo...