CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2025/06/05 12:0 a.m.•4 views

PT-2025-24055 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue affects the unknown processing of the file /boafrm/formSetLg of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

9CVSS8.8AI score0.00982EPSS

Positive Technologies•added 2025/06/05 12:0 a.m.•3 views

PT-2025-24062 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability has been found in the HTTP POST Request Handler of TOTOLINK X15. This affects an unknown part of the file /boafrm/formSaveConfig. The manipulation of the submit-u...

9CVSS8.7AI score0.0167EPSS

Positive Technologies•added 2025/06/04 12:0 a.m.•2 views

PT-2025-23946 · Totolink · Totolink N302R Plus

Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical vulnerability was found in the HTTP POST Request Handler component of TOTOLINK N302R Plus. The issue affects an unknown function of the file /boafrm/formPortFw. The...

9CVSS8.8AI score0.00553EPSS

Exploits0References13

Positive Technologies•added 2025/06/04 12:0 a.m.•3 views

PT-2025-23947 · Totolink · Totolink N302R Plus

Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically in the unknown functionality of the file /boafrm/formFilter. The manipulation of the url...

9CVSS8.8AI score0.00553EPSS

RedhatCVE•added 2025/06/03 10:15 p.m.•6 views

CVE-2025-5408

A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410240222 and classified as critical. Affected by this issue is the function syslogin of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The...

10CVSS7AI score0.00668EPSS

NVD•added 2025/06/01 10:15 p.m.•6 views

CVE-2025-5408

10CVSS0.00668EPSS

Exploits0References4

Vulnrichment•added 2025/06/01 9:31 p.m.•3 views

CVE-2025-5408 WAVLINK WL-WN576K1 HTTP POST Request login.cgi sys_login buffer overflow

10CVSS9.6AI score0.00668EPSS

Exploits0References4

CVE•added 2025/06/01 9:31 p.m.•63 views

CVE-2025-5408

The CVE-2025-5408 issue affects WAVLINK QUANTUM D2G/D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3, and WL-WN576K1 (versions up to V1410_240222). The vulnerability is in the function sys_login of /cgi-bin/login.cgi within the HTTP POST Request Handler, where manipulation of the login_page argument tri...

10CVSS9.6AI score0.00668EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 10:36 a.m.•6 views

CVE-2024-9277

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...

6.5CVSS6.7AI score0.0017EPSS

Exploits1

RedhatCVE•added 2025/05/23 10:14 a.m.•5 views

CVE-2024-1569

parisneo/lollms-webui is vulnerable to a denial of service DoS attack due to uncontrolled resource consumption. Attackers can exploit the /opencodeinvscode and similar endpoints without authentication by sending repeated HTTP POST requests, leading to the opening of Visual Studio Code or the...

7.5CVSS7.3AI score0.00122EPSS

RedhatCVE•added 2025/05/23 10:10 a.m.•7 views

CVE-2024-0300

A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the argument webimg lead...

9.8CVSS6.8AI score0.0093EPSS

RedhatCVE•added 2025/05/23 9:56 a.m.•4 views

CVE-2024-2482

A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /checkavailability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword lea...

3.7CVSS7AI score0.00098EPSS

RedhatCVE•added 2025/05/23 9:34 a.m.•4 views

CVE-2024-0357

A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /system/traceLog/page of the component HTTP POST Request Handler. The manipulation of the argument property leads to sql injection. The exploit has been...

9.8CVSS9.7AI score0.00056EPSS

RedhatCVE•added 2025/05/23 9:34 a.m.•6 views

CVE-2024-0483

A vulnerability classified as critical was found in Taokeyun up to 1.0.5. This vulnerability affects the function index of the file application/index/controller/app/Task.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. The attack can be...

9.8CVSS9.8AI score0.00052EPSS

RedhatCVE•added 2025/05/23 9:34 a.m.•3 views

CVE-2024-0528

A vulnerability, which was classified as critical, was found in CXBSoft Post-Office 1.0. Affected is an unknown function of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The exploit has been disclose...

9.8CVSS9.8AI score0.00053EPSS

RedhatCVE•added 2025/05/23 9:34 a.m.•3 views

CVE-2024-0496

A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...

9.8CVSS7.5AI score0.00055EPSS

RedhatCVE•added 2025/05/23 9:33 a.m.•8 views

CVE-2024-0522

A vulnerability was found in Allegro RomPager 4.01. It has been classified as problematic. Affected is an unknown function of the file usertable.htm?action=delete of the component HTTP POST Request Handler. The manipulation of the argument username leads to cross-site request forgery. It is...

8.8CVSS7AI score0.00047EPSS

RedhatCVE•added 2025/05/23 9:32 a.m.•5 views

CVE-2024-0419

A vulnerability was found in Jasper httpdx up to 1.5.4 and classified as problematic. This issue affects some unknown processing of the component HTTP POST Request Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the...

7.5CVSS6.9AI score0.00107EPSS

RedhatCVE•added 2025/05/23 9:32 a.m.•7 views

CVE-2024-0495

A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...

9.8CVSS7.6AI score0.00053EPSS