
20 matches found

EUVD
added 2026/01/16 7:46 p.m. · 1 view

EUVD-2026-3119

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=DestinoControle...

CVSS 4.8 · AI score 6.3 · EPSS 0.00017
Exploits: 1 · References: 3

CVE
added 2026/01/16 7:46 p.m. · 9 views

CVE-2026-23728

WeGIA (web manager for charitable institutions) prior to version 3.6.2 is affected by an Open Redirect vulnerability in the /WeGIA/controle/control.php endpoint. The issue is triggered via the nextPage parameter when used with metodo=listarTodos and nomeClasse=DestinoControle, where the applicati...

CVSS 6.1 · AI score 6.4 · EPSS 0.00017
Exploits: 1 · References: 3 · Affected Software: 1

Vulnrichment
added 2026/01/16 7:40 p.m. · 4 views

CVE-2026-23726 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoEntradaControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and...

CVSS 4.8 · AI score 6.4 · EPSS 0.00017
Exploits: 1 · References: 3

CNNVD
added 2025/11/11 12:0 a.m. · 1 view

SAP S/4HANA Input Validation Error Vulnerability

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. An input validation error vulnerability exists in SAP S/4HANA, which originates from an attacker being able to craft a malicious link that could result in the victim being...

CVSS 6.1 · AI score 6.5 · EPSS 0.00085
Exploits: 0 · References: 3

NVD
added 2025/10/13 10:15 p.m. · 9 views

CVE-2025-62361

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, an Open Redirect vulnerability was identified in the control.php endpoint of the WeGIA application, specifically in the nextPage parameter metodo=listarTodos...

CVSS 6.1 · EPSS 0.00031
Exploits: 1 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 1 view

EUVD-2023-1683

Malicious code in bioql PyPI...

CVSS 6.3 · AI score 5.4 · EPSS 0.00256
Exploits: 0 · References: 11

CISA KEV Catalog
added 2025/09/03 12:0 a.m. · 15 views

TP-Link Archer C7(EU) and TL-WR841N/ND(MS) OS Command Injection Vulnerability

TP-Link Archer C7(EU) and TL-WR841N/ND(MS) contain an OS command injection vulnerability that exists in the Parental Control page. The impacted products could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization...

CVSS 8.6 · AI score 7.7 · EPSS 0.26907
In wild · Exploits: 0

NVD
added 2025/08/29 6:15 p.m. · 2 views

CVE-2025-9377

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's...

CVSS 8.6 · EPSS 0.26907
Exploits: 0 · References: 3

EUVD
added 2025/08/29 5:30 p.m. · 3 views

EUVD-2025-26234

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control page on TP-Link Archer C7(EU) V2 and TL-WR841N/ND(MS) V9. This issue affects Archer C7(EU) V2: before 241108 and TL-WR841N/ND(MS) V9: before 241108. Both products have reached the status of EOL (end-of-life). It's...

CVSS 8.6 · AI score 6.6 · EPSS 0.26907
Exploits: 0 · References: 2

CVE
added 2025/05/01 12:55 p.m. · 123 views

CVE-2025-37740

The CVE-2025-37740 entry concerns the Linux kernel JFS code: a zero AG width in dmapctl can cause a divide error when computing the control page level in dbAllocAG. The vulnerability is fixed by adding a sanity check for agwidth in dbAllocAG (to avoid division by zero). Affected component: JFS in...

CVSS 5.5 · AI score 6.6 · EPSS 0.00049
Exploits: 0 · References: 11 · Affected Software: 1

Cvelist
added 2025/05/01 12:55 p.m. · 10 views

CVE-2025-37740 jfs: add sanity check for agwidth in dbMount

In the Linux kernel, the following vulnerability has been resolved: jfs: add sanity check for agwidth in dbMount The width in dmapctl of the AG is zero, it trigger a divide error when calculating the control page level in dbAllocAG. To avoid this issue, add a check for agwidth in dbAllocAG...

EPSS 0.00049
Exploits: 0 · References: 9

OSV
added 2025/01/22 8:15 p.m. · 1 view

CVE-2024-56914

D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /NewGUI/ParentalControl.asp...

CVSS 5.7 · AI score 5.8
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/21 12:0 a.m. · 1 view

PT-2025-5264 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions up to and including 3.2.10 Description: WeGIA is a Web manager for charitable institutions. An Open Redirect issue was identified in the control.php endpoint, allowing the nextPage parameter to be manipulated and redirecting...

CVSS 6.1 · AI score 7.2 · EPSS 0.00246
Exploits: 1 · References: 8

CNNVD
added 2025/01/17 12:0 a.m. · 0 views

WeGIA SQL Injection Vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA version 3.2.0 that stems from vulnerability to SQL injection attacks via the nextPage parameter in /controle/control.php...

CVSS 9.8 · AI score 7.8 · EPSS 0.00353
Exploits: 1 · References: 3

CNNVD
added 2024/09/29 12:0 a.m. · 1 view

Advocate Office Management System SQL Injection Vulnerability

Advocate Office Management System is an office management system by Mayuri K. Individual Developer. A SQL injection vulnerability exists in Advocate Office Management System version 1.0, which originates from an SQL injection vulnerability in the id parameter of the /control/editclient.php page...

CVSS 9.8 · AI score 7 · EPSS 0.00077
Exploits: 1 · References: 6

OSV
added 2023/10/16 7:15 a.m. · 1 view

CVE-2023-45576

Buffer Overflow vulnerability in D-Link device DI-7003GV2.D1 v.23.08.25D1 and before, DI-7100G+V2.D1 v.23.08.23D1 and before, DI-7100GV2.D1 v.23.08.23D1, DI-7200G+V2.D1 v.23.08.23D1 and before, DI-7200GV2.E1 v.23.08.23E1 and before, DI-7300G+V2.D1 v.23.08.23D1, and DI-7400G+V2.D1 v.23.08.23D1 and...

CVSS 9.8 · AI score 6.1
Exploits: 0 · References: 1

CNNVD
added 2021/01/10 12:0 a.m. · 1 view

Quest Policy Authority Cross-Site Scripting Vulnerability

Quest Software Policy Authority For Unified Communications is a software from Quest Software, Inc. that is used in enterprise environments to consolidate communication data between various media text and instant messaging, videoconferencing, email and voicemail. A cross-site scripting vulnerabili...

CVSS 6.1 · AI score 6.3 · EPSS 0.0024
Exploits: 1 · References: 3

CNVD
added 2016/09/08 12:0 a.m. · 2 views

Fortinet FortiWAN Authentication Bypass Vulnerability

Fortinet FortiWAN is a WAN link load balancing product developed by Fortinet. A security vulnerability exists in the tcpdump function in the diagnosiscontrol.php page in Fortinet FortiWAN. An attacker can exploit this vulnerability by changing the HTTP Get parameter 'UserName' to 'Administrator' ...

CVSS 6.5 · AI score 7 · EPSS 0.02279
Exploits: 0 · References: 1

CNVD
added 2016/07/01 12:0 a.m. · 1 view

MileSight camera privilege control page unauthorized access vulnerability

MileSight camera is a network camera produced by Xiamen PulseVision Digital Technology Co. An unauthorized access vulnerability exists in the privilege control page of MileSight camera. An unauthorized attacker can use the vulnerability to execute arbitrary commands...

AI score 7.5
Exploits: 0

Exploit DB
added 2003/08/04 12:0 a.m. · 20 views

Macromedia Dreamweaver MX 6.0 - PHP User Authentication Suite Cross-Site Scripting

source: https://www.securityfocus.com/bid/8339/info It is possible to create an authentication or access control page, using Dreamweaver MX PHP Authentication Suite. This script will generate an error page that contains dynamic content when a user fails to authenticate correctly to the site. A...

AI score 7.4
Exploits: 0