CVE-2025-9483

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9483 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 singlePortForwardAdd stack-based overflow

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9483 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 singlePortForwardAdd stack-based overflow

A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected is the function singlePortForwardAdd of the file /goform/singlePortForwardAdd. This manipulation of the argument ruleName/schedule/inboundFilter...

CVE-2025-9475

A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this vulnerability is an unknown functionality of the file /AdminDashboard/process/editemployeeprocess.php. This manipulation of the argument employeefile201 causes unrestricted upload. The attack may be...

CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection

A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/addmcommittee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-9470 itsourcecode Apartment Management System add_m_committee.php sql injection

A flaw has been found in itsourcecode Apartment Management System 1.0. This affects an unknown part of the file /management/addmcommittee.php. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2025-9443

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9443 Tenda CH22 editUserName formeditUserName buffer overflow

A flaw has been found in Tenda CH22 1.0.0.1. This vulnerability affects the function formeditUserName of the file /goform/editUserName. Executing manipulation of the argument newaccount can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been published and m...

CVE-2025-9443

CVE-2025-9443 affects the Tenda CH22 router (version 1.0.0.1). The vulnerability exists in the function formeditUserName in the file /goform/editUserName , where manipulating the argument new_account can trigger a buffer overflow . Remote exploitation is possible, and the exploit has been publish...

CVE-2025-9431

A flaw has been found in mtons mblog up to 3.5.0. Impacted is an unknown function of the file /search. This manipulation of the argument kw causes cross site scripting. The attack can be initiated remotely. The exploit has been published and may be used...

CVE-2025-9431

The CVE-2025-9431 entry concerns mtons mblog up to version 3.5.0. The vulnerability affects the /search function, where manipulation of the kw argument enables cross-site scripting. The issue can be exploited remotely, and exploits have been published. Public sources in the connected documents (e...

PT-2025-34737

Name of the Vulnerable Software and Affected Versions: itsourcecode Apartment Management System version 1.0 Description: A flaw has been found in the /management/add m committee.php file. Manipulation of the ID parameter can lead to SQL injection. The attack may be launched remotely. The exploit...

PT-2025-34775 · Linksys · Linksys Re6250 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250 version 1.0.013.001 Linksys RE6300 version 1.0.013.001 Linksys RE6350 version 1.0.013.001 Linksys RE6500 version 1.0.013.001 Linksys RE7000 version 1.0.013.001 Linksys RE9000 version 1.0.013.001 Linksys RE6250 version 1.0.04.00...

CVE-2025-9413

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

CVE-2025-9413 lostvip-com ruoyi-go system_router.go SelectListByPage sql injection

A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...

CVE-2025-9407

A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...

CVE-2025-9407 mtons mblog profile cross site scripting

A flaw has been found in mtons mblog up to 3.5.0. Affected by this vulnerability is an unknown functionality of the file /settings/profile. Executing manipulation of the argument signature can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and ma...

CVE-2025-9400

A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...

CVE-2025-9400

A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...

CVE-2025-9400 YiFang CMS P_file.php mergeMultipartUpload unrestricted upload

A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/Pfile.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be...