CVE-2025-9532 Portabilis i-Educar view sql injection

A flaw has been found in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /RegraAvaliacao/view. Executing manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor...

CVE-2025-9532

Portabilis i-Educar up to version 2.10 contains a SQL injection in the RegraAvaliacao/view path triggered by manipulating the ID parameter. The flaw is exploitable remotely and has published proof-of-concept materials in public references. Multiple sources (Red Hat, NVD, CVE lists, and vendor-foc...

CVE-2025-9525

A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may...

CVE-2025-9525 Linksys E1700 setWan stack-based overflow

A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may...

CVE-2025-9505

A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

CVE-2025-9505 Campcodes Online Loan Management System ajax.php sql injection

A flaw has been found in Campcodes Online Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveloantype. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been...

PT-2025-34860

Name of the Vulnerable Software and Affected Versions: Linksys E1700 version 1.0.0.4.003 Description: A stack-based buffer overflow exists in the setWan function of the /goform/setWan file. Manipulation of the DeviceName/lanIp argument causes the overflow, allowing for potential remote code...

PT-2025-34872 · Portabilis · Portabilis I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A flaw has been found in Portabilis i-Educar that allows for SQL injection. Manipulation of the ID argument in the /RegraAvaliacao/view file can lead to exploitation. The attack can be...

CVE-2025-9483

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9483

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9483 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 singlePortForwardAdd stack-based overflow

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9483 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 singlePortForwardAdd stack-based overflow

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9475

A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /AdminDashboard/process/editemployeeprocess.php. This manipulation of the argument employeefile201 causes unrestricted upload. The attack may be...

CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection

A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/addmcommittee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-9443

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9443

CVE-2025-9443 affects the Tenda CH22 router (version 1.0.0.1). The vulnerability exists in the function formeditUserName in the file /goform/editUserName , where manipulating the argument new_account can trigger a buffer overflow . Remote exploitation is possible, and the exploit has been publish...

CVE-2025-9443 Tenda CH22 editUserName formeditUserName buffer overflow

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9431

A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2025-9431

The CVE-2025-9431 entry concerns mtons mblog up to version 3.5.0. The vulnerability affects the /search function, where manipulation of the kw argument enables cross-site scripting. The issue can be exploited remotely, and exploits have been published. Public sources in the connected documents (e...

PT-2025-34737

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A flaw has been found in the /management/add m committee.php file. Manipulation of the ID parameter can lead to SQL injection. The attack may be launched remotely. The exploit...