CVE-2026-1153

A vulnerability was detected in technical-laohu mpay up to 1.2.4. This affects an unknown function. Performing a manipulation results in cross-site request forgery. Remote exploitation of the attack is possible. The exploit is now public and may be used...

CVE-2026-1142

A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks...

CVE-2025-15405

A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely...

PT-2026-1007

Name of the Vulnerable Software and Affected Versions PHPEMS versions up to 11.0 Description A cross-site request forgery condition exists in PHPEMS. The issue is triggered by manipulation of an unknown function and can be exploited remotely. Recommendations Versions prior to 11.0 should be updat...

EUVD-2025-15058

Malicious code in bioql PyPI...

EUVD-2025-21279

Malicious code in bioql PyPI...

EUVD-2025-17612

Malicious code in bioql PyPI...

PT-2025-23859 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical vulnerability was found in the fromadvsetlanip function of the /goform/AdvSetLanip file. The manipulation of the lanMask argument leads to a buffer overflow. The attack can be launched...

PT-2025-23492 · Linksys · Linksys Re6300 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6500, RE6250, RE6300, RE6350, RE7000, and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A critical issue affects the function setDeviceURL of the file /goform/setDeviceURL. The manipulation of the argument DeviceURL...

CVE-2025-4368

A vulnerability, which was classified as critical, was found in Tenda AC8 16.03.34.06. Affected is the function formGetRouterStatus of the file /goform/MtuSetMacWan. The manipulation of the argument shareSpeed leads to buffer overflow. It is possible to launch the attack remotely. The exploit has...

CVE-2025-1182

A flaw was found in GNU Binutils. This vulnerability allows memory corruption via manipulation of the bfdelfrelocsymboldeletedp function. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ea...

CVE-2018-25104

A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic error...

CVE-2024-9283 RelaxedJS ReLaXed Pug to PDF Converter cross site scripting

A vulnerability classified as problematic has been found in RelaxedJS ReLaXed up to 0.2.2. Affected is an unknown function of the component Pug to PDF Converter. The manipulation leads to cross site scripting. An attack has to be approached locally. The exploit has been disclosed to the public an...

GPAC Code Issue Vulnerability

GPAC is an open source multimedia framework. A code issue vulnerability exists in GPAC version 2.5-DEV-rev228-g11067ea92-master, which stems from improper manipulation of a related function that results in a null pointer dereference...

CVE-2024-5896

A vulnerability, which was classified as critical, was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0. Affected is the function saveusers of the file /classes/Users.php?f=save. The manipulation of the argument id leads to sql injection. It is possible to launch the atta...

CVE-2021-41286

Omikron MultiCash Desktop 4.00.008.SP5 relies on a client-side authentication mechanism. When a user logs into the application, the validity of the password is checked locally. All communication to the database backend is made via the same technical account. Consequently, an attacker can attach a...

Omikron MultiCash 授权问题漏洞

Omikron MultiCash is a one-stop solution for infrastructure, software and services from Omikron Germany. A security vulnerability exists in Omikron MultiCash Desktop 4.00.008.SP5, which allows an attacker to attach a debugger to a process or create a patch to manipulate the behavior of login...

NC LinkList 1.3.1 - Remote Command Injection Exploit

No description provided by source. -------------------------------------------------------------- NC LinkList 1.3.1 Remote Command injection Exploit --------------------------------------------------------------- Founder :ThE g0bL!N Vendor:http://www.php-linkverzeichnis.de Thank You Very Much...

3proxy 0.5.3g proxy.c logurl() Remote Overflow Exploit (exec-shield)

No description provided by source. / Fedora Core 5,6 exec-shield based 3proxy HTTP Proxy 3proxy-0.5.3g.tgz remote overflow root exploit reverse connect-back method by Xpl017Elz Advanced exploitation in exec-shield Fedora Core case study URL:...