Edimax EW-7438RPn 操作系统命令注入漏洞

The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. An OS command injection vulnerability exists in the Edimax EW-7438RPn version 1.31, which stems from the manipulation of the parameters of the function formWlanMP in the file /goform/formWlanMP by the Content-Typ...

Hackney 安全漏洞

Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 3.1.1 through 4.0.1, which stems from a failure to perform cross-domain checks in the HTTP/3 redirect handler, potentially leading to the disclosure of sensitive data...

KLiK SocialMediaWebsite 代码问题漏洞

KLiK SocialMediaWebsite is a simple PHP-based social media website by the individual developer Muhammad Saad. A code issue vulnerability exists in version 1.0 of KLiK SocialMediaWebsite, which stems from the File Handler component's manipulation of the function uniqid in the file upload.inc.php,...

PT-2026-43027

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing a manipulation of the argument rootAPmac results in command injection. The attack can be initiated...

PT-2026-43227

SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception handler. Attackers can craft malicious input in the Registration Name and Registration Key fields to...

Invoice-System 授权问题漏洞

Invoice-System is an invoice management system development exercise tool by Sushmita Palikhe individual developer. Invoice-System a0a3faa16dee2621b231ae227333f5761607283b and prior versions have an authorization issue vulnerability that stems from a parameter role operation in the User Management...

TOTOLINK CA750-PoE 操作系统命令注入漏洞

The TOTOLINK CA750-PoE is a wireless network access device from China's Gion Electronics TOTOLINK. The Totolink CA750-PoE version 6.2c.510 suffers from an operating system command injection vulnerability that originates from os command injection in the operation of the parameter hosttime in the...

PT-2026-42999

A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and m...

PT-2026-43152

Name of the Vulnerable Software and Affected Versions Totolink CA750-PoE version 6.2c.510 Description A weakness in the Setting Handler component allows for remote OS command injection. This occurs through the manipulation of the host time argument within the NTPSyncWithHost function of the...

PT-2026-42998

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...

CVE-2026-9402

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

EUVD-2026-31605

A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The...

CVE-2026-9402

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9402

The CVE-2026-9402 entry concerns Edimax BR-6675nD firmware 1.12. The vulnerability is in the POST Request Handler’s formWlanMP function (/goform/formWlanMP). Manipulating parameters such as ateFunc, ateGain, ateRate, ateChan, ateTxCount, various e2pTx/e2pTxPower and readE2P fields results in comm...

CVE-2026-9402 Edimax BR-6675nD POST Request formWlanMP command injection

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

EUVD-2026-31602

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

CVE-2026-9402 Edimax BR-6675nD POST Request formWlanMP command injection

A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argument...

DEBIAN-CVE-2026-48831

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...

CVE-2026-48831

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...

CVE-2026-48831

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...