EUVD-2025-31472

Malicious code in bioql PyPI...

Simple Scheduling System addtime.php File SQL Injection Vulnerability

Simple Scheduling System is a simple scheduling system. Simple Scheduling System has a SQL injection vulnerability that originates from the starttime/endtime parameters in the /addtime.php file not being securely filtered. An attacker can exploit this vulnerability to execute malicious SQL comman...

CVE-2025-11115

A vulnerability has been found in code-projects Simple Scheduling System 1.0. Affected by this issue is some unknown functionality of the file /addtime.php. The manipulation of the argument starttime/endtime leads to sql injection. Remote exploitation of the attack is possible. The exploit has be...

CVE-2025-11115

A vulnerability has been found in code-projects Simple Scheduling System 1.0. Affected by this issue is some unknown functionality of the file /addtime.php. The manipulation of the argument starttime/endtime leads to sql injection. Remote exploitation of the attack is possible. The exploit has be...

CVE-2025-11115 code-projects Simple Scheduling System addtime.php sql injection

A vulnerability has been found in code-projects Simple Scheduling System 1.0. Affected by this issue is some unknown functionality of the file /addtime.php. The manipulation of the argument starttime/endtime leads to sql injection. Remote exploitation of the attack is possible. The exploit has be...

CVE-2025-11115

CVE-2025-11115 affects Code-Projects Simple Scheduling System 1.0, with the flaw located in addtime.php where manipulating starttime/endtime triggers SQL injection. Remote exploitation is possible and public exploits have been disclosed. Multiple sources (NVD/NVDC/CNVD/Red Hat feed) corroborate t...

PT-2025-39786

Name of the Vulnerable Software and Affected Versions Simple Scheduling System version 1.0 Description A flaw exists in an unknown functionality within the /addtime.php file. The manipulation of the starttime/endtime argument can lead to a SQL injection. Remote exploitation is possible. The explo...

CVE-2025-28030

TOTOLINK A810R V4.1.2cu.5182B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function...

TOTOLINK A3600R 安全漏洞

TOTOLINK A3600R is a 6-antenna 1200M wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A3600R suffers from a buffer overflow vulnerability that originates from the startTime/endTime parameter in the setParentalRules function of the /cgi-bin/cstecgi.cgi file that fails to...

D-Link DIR-823G EndTime Parameter Buffer Overflow Vulnerability

The D-Link DIR-823G is a wireless router from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-823G EndTime parameter due to incorrect boundary checking in the SetParentsControlInfo function, which can be exploited by an attacker to cause a denial of service...

CVE-2023-44830

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2023-44830

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

Buffer overflow

D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the EndTime parameter in the SetParentsControlInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

D-Link DIR-823G SetWifiDownSettings Function Stack Buffer Overflow Vulnerability

The D-Link DIR-823G is a home dual-band Gigabit wireless router with second-generation 802.11ac Wi-Fi5 technology designed for medium- to high-speed broadband networks. The D-Link DIR-823G suffers from a stack buffer overflow vulnerability that originates from the failure of the parameters...

CVE-2023-43235

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings...

CVE-2023-43235

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings...

CVE-2023-43235

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings...

CVE-2023-43235

D-Link DIR-823G v1.0.2B05 was discovered to contain a stack overflow via parameter StartTime and EndTime in SetWifiDownSettings...

The first stake is possible after endTime

Lines of code Vulnerability details Impact Users can stake after endTime due to the wrong check. Proof of Concept When a user stakes LP tokens using MuteAmplifier.stake, stake is not allowed after endTime which is set in initializeDeposit by an admin. requireblock.timestamp endTime,...

Mitigation Confirmed for Mitigation of H-06 Issue mitigated

C4 issue H-06: MinipoolManager: node operator can avoid being slashed Comments In the original implementation, there were a few scenarios where malicious node operators can avoid being slashed. Mitigation PR 41 This PR includes mitigation for various issues H-03, H-06, M-13. Just focusing on the...