Lucene search
K

220906 matches found

Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.10 views

PT-2026-47256

A security vulnerability has been detected in TOTOLINK AC1200 T8 4.1.5cu.8611. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation leads to least privilege violation. The attack may be initiated remotely. The exploit has been disclosed publicly...

5.3CVSS5.1AI score0.00215EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.10 views

PT-2026-47245

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description A security flaw allows for remote SQL injection, which is a technique where an attacker inserts malicious SQL code into a query to manipulate a database. The issue exists...

7.5CVSS7.3AI score0.00275EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.11 views

PT-2026-47273

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/add leave.php. Performing a manipulation of the argument type of leave results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.5AI score0.002EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47433

A vulnerability has been found in SourceCodester Onlne Examination & Learning Management System and Syllabus-aligned Learning Management and Examination System 1.0. Affected by this issue is some unknown functionality of the file import users.php. The manipulation of the argument raw password wit...

6.9CVSS5.6AI score0.00286EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47436

A vulnerability was identified in D-Link DGS-1100-08PD 1.00.006. This issue affects some unknown processing of the file /etc/boa.conf of the component Web Interface. Such manipulation leads to least privilege violation. The attack may be launched remotely. The attack requires a high level of...

6.3CVSS4.9AI score0.00405EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.9 views

PT-2026-47248

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An SQL injection issue exists in the /archive1.php endpoint. This occurs when the sy argument is manipulated, allowing for remote exploitation. SQL injection is a techniq...

7.5CVSS7.4AI score0.00275EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47291

Name of the Vulnerable Software and Affected Versions UTT HiPER 2610G versions prior to 3.0.0-171107 Description A remote buffer overflow can occur due to the use of the strcpy function within the /goform/formConfigDnsFilterGlobal file. This issue is triggered by manipulating the GroupName...

9CVSS8AI score0.006EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.18 views

PT-2026-47262

A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of the component Static API Key Handler. The manipulation of the argument StaticApiKey leads to authorization bypass. It is...

5CVSS4.9AI score0.00281EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47206

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

7.5CVSS6.8AI score0.00288EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.9 views

PT-2026-47255

A weakness has been identified in Tenda AC15 15.03.05.19. The impacted element is an unknown function of the file /etc ro/smb.conf of the component Samba. Executing a manipulation can lead to weak password requirements. The attack is only possible within the local network. A high complexity level...

5CVSS4.8AI score0.00224EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47335

A security flaw has been discovered in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. This impacts an unknown function of the file admin/admin login.php of the component Administrator Login Endpoint. Performing a manipulation of the argument a usr/a pwd results...

7.5CVSS5.3AI score0.00328EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47250

Name of the Vulnerable Software and Affected Versions Simple Flight Ticket Booking System version 1.0 Description An issue exists in the POST Parameter Handler component within the checkUser.php file. Remote manipulation of the Username parameter allows for SQL injection, a technique where...

7.5CVSS7.4AI score0.00275EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47445

A vulnerability was found in CodeAstro Student Attendance Management System 1.0. This impacts an unknown function of the file /attendance-php/Admin/createClass.php?action=edit. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit...

6.5CVSS6.4AI score0.00204EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47202

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

6.5CVSS6AI score0.00301EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter “wifiFilterListRemark” in the modifyWifiFilterRules function within the Web Manageme...

9CVSS8.6AI score0.00466EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.10 views

tiny-regex-c 资源管理错误漏洞

tiny-regex-c is a lightweight regular expression parsing library developed by Kokke. There is a resource management vulnerability in tiny-regex-c, which stems from improper operation of the matchstar function in the pattern processing component of the file re.c. This vulnerability may lead to...

4.8CVSS4.6AI score0.00113EPSS
Exploits0References1
Amazon
Amazon
added 2026/06/08 12:0 a.m.11 views

Important: nginx

Issue Overview: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string...

9.2CVSS6.1AI score0.04261EPSS
Exploits3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.26 views

PT-2026-47252

Name of the Vulnerable Software and Affected Versions Online Music Site version 1.0 Description An issue exists in the processing of the '/Frontend/Search.php' endpoint. Manipulation of the Category argument allows for SQL injection, which is a technique used to execute malicious SQL statements...

7.5CVSS7.3AI score0.0029EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47338

A vulnerability was detected in imvks786 student management system up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to laun...

5.1CVSS4AI score0.00199EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.16 views

PT-2026-47267

Name of the Vulnerable Software and Affected Versions Tenda CX12L version 16.03.53.12 Description A stack-based buffer overflow can be triggered remotely via the Wi-Fi Schedule Configuration Endpoint. The issue exists within the setSchedWifi function located in the /goform/openSchedWifi file. Thi...

9CVSS8.3AI score0.00466EPSS
Exploits0References9
Rows per page
Query Builder