3632 matches found
CVE-2025-7816 PHPGurukul Apartment Visitors Management System HTTP POST Request visitor-detail.php cross site scripting
A vulnerability, which was classified as problematic, was found in PHPGurukul Apartment Visitors Management System 1.0. Affected is an unknown function of the file /visitor-detail.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scriptin...
CVE-2025-7815
A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /manage-newvisitors.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to...
CVE-2025-7815 PHPGurukul Apartment Visitors Management System HTTP POST Request manage-newvisitors.php cross site scripting
A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /manage-newvisitors.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to...
CVE-2025-7815
PHPGurukul Apartment Visitors Management System 1.0 is affected by CVE-2025-7815 due to an XSS flaw in the HTTP POST Request Handler. The visname parameter in /manage-newvisitors.php can be manipulated to execute arbitrary Web script or HTML. The issue can be exploited remotely and has been discl...
PT-2025-30155 · Phpgurukul · Phpgurukul Apartment Visitors Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Apartment Visitors Management System version 1.0 Description: A problematic issue exists in PHPGurukul Apartment Visitors Management System 1.0. The issue is related to cross site scripting within the HTTP POST Request Handler...
PT-2025-30130 · Phpgurukul · Phpgurukul Apartment Visitors Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Apartment Visitors Management System version 1.0 Description: A cross-site scripting issue exists due to the manipulation of the visname argument within the HTTP POST Request Handler component, specifically in the /visitor-detail.p...
PT-2025-30131 · Phpgurukul · Phpgurukul Apartment Visitors Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Apartment Visitors Management System version 1.0 Description: A cross site scripting issue exists due to the manipulation of the visname argument within the HTTP POST Request Handler in the /bwdates-reports.php file. The attack can...
PT-2025-30136 · Phpgurukul · Phpgurukul Apartment Visitors Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Apartment Visitors Management System version 1.0 Description: A problematic issue exists in the HTTP POST Request Handler component of the software. The vulnerability is due to the manipulation of the visname argument within the...
PT-2025-30123 · Phpgurukul · Phpgurukul Apartment Visitors Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Apartment Visitors Management System version 1.0 Description: A problematic issue exists in the processing of the /manage-newvisitors.php file within the HTTP POST Request Handler component. Manipulation of the visname argument can...
CVE-2025-7758
A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer...
CVE-2025-7758
The CVE-2025-7758 issue affects TOTOLINK T6 firmware (versions prior to 4.1.5cu.748_B20211015). The vulnerability is in the HTTP POST Request Handler, specifically the setDiagnosisCfg function in /cgi-bin/cstecgi.cgi, where manipulating the ip argument leads to a buffer overflow. This can be expl...
CVE-2025-7758 TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg buffer overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer...
CVE-2025-7758 TOTOLINK T6 HTTP POST Request cstecgi.cgi setDiagnosisCfg buffer overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK T6 up to 4.1.5cu.748B20211015. Affected by this issue is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to buffer...
CVE-2025-34108
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component...
CVE-2025-7615
A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748. Affected by this vulnerability is the function clearPairCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack can be...
CVE-2025-7613
A vulnerability was found in TOTOLINK T6 4.1.5cu.748. It has been rated as critical. This issue affects the function CloudSrvVersionCheck of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. The attack may be...
CVE-2025-34108
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component...
CVE-2025-34108 Disk Pulse Enterprise 9.0.34 Login Stack Buffer Overflow
A stack-based buffer overflow vulnerability exists in the login functionality of Disk Pulse Enterprise version 9.0.34. An attacker can send a specially crafted HTTP POST request to the /login endpoint with an overly long username parameter, causing a buffer overflow in the libspp.dll component...
CVE-2025-34108
Disk Pulse Enterprise 9.0.34 contains a stack-based buffer overflow in the login function. The overflow occurs in the libspp.dll when a crafted long username is sent to POST /login, enabling arbitrary code execution with SYSTEM privileges. Exploitation details and PoCs exist (e.g., Metasploit mod...
CVE-2025-7524
A vulnerability was found in TOTOLINK T6 4.1.5cu.748B20211015. It has been classified as critical. This affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ip leads to command injection. It is possible ...