EUVD-2026-32740

The HT Contact Form – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fileupload' parameter in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2026-7052

The HT Contact Form – Drag & Drop Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fileupload' parameter in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for...

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK Corporation in China. The Totolink A7100RU 7.4cu.2313b20191024 version contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of the parameter “FileName” in the functio...

Placement Management System 代码问题漏洞

Placement Management System is an itsourcecode open source placement management system. A code issue exists in version 1.0 of the Placement Management System, which is caused by an unrestricted file upload vulnerability in the fileToUpload parameter of the Image Handler component of the...

Beijing Baichuo Smart S210 Management Platform Code Issue Vulnerability

Beijing Baichuo Smart S210 Management Platform is a multi-service security gateway intelligent management platform from Beijing Baichuo, China. A code issue exists in Beijing Baichuo Smart S210 Management Platform version 20240117 and prior versions, where an incorrect operation of the parameter...

D-Link DAR-7000 Code Issue Vulnerability

D-Link DAR-7000 is an Internet Behavior Audit Gateway from China Youxun D-Link. A code issue vulnerability exists in the D-Link DAR-7000 and DAR-8000, which stems from an arbitrary file upload vulnerability in the parameter fileupload of file/useratte/web...