CVE-2025-8138

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formOneKeyAccessButton of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-8137

A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The...

CVE-2025-8139

A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been classified as critical. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possible to...

CVE-2025-8136

A vulnerability, which was classified as critical, was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected is an unknown function of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr leads to buffer overflow. It is possible to laun...

CVE-2025-8219

CVE-2025-8219 affects Lingdang CRM up to version 8.6.4.7. The issue is an SQL injection in the HTTP POST Request Handler, caused by manipulation of the getvaluestring argument at /crm/crmapi/erp/tabdetail_moduleSave_dxkp.php. This can be triggered remotely. The vendor states all SQL injection vec...

CVE-2025-8219 Shanghai Lingdang Information Technology Lingdang CRM HTTP POST Request tabdetail_moduleSave_dxkp.php sql injection

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. It has been rated as critical. This issue affects some unknown processing of the file /crm/crmapi/erp/tabdetailmoduleSavedxkp.php of the component HTTP POST Request Handler. The manipulation of the...

PT-2025-30991 · Unknown · Lingdang Crm

Name of the Vulnerable Software and Affected Versions: Lingdang CRM versions up to 8.6.4.7 Description: A vulnerability exists in the HTTP POST Request Handler component of Lingdang CRM. The manipulation of the getvaluestring argument in the /crm/crmapi/erp/tabdetail moduleSave dxkp.php endpoint...

CVE-2025-8184 D-Link DIR-513 HTTP POST Request formSetWanL2TPtriggers formSetWanL2TPcallback stack-based overflow

A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be...

CVE-2025-8184 D-Link DIR-513 HTTP POST Request formSetWanL2TPtriggers formSetWanL2TPcallback stack-based overflow

A vulnerability was found in D-Link DIR-513 up to 1.10 and classified as critical. This issue affects the function formSetWanL2TPcallback of the file /goform/formSetWanL2TPtriggers of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack may be...

CVE-2025-8169 D-Link DIR-513 HTTP POST Request formSetWanPPTPpath formSetWanPPTPcallback buffer overflow

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. It is possible to...

CVE-2025-8169 D-Link DIR-513 HTTP POST Request formSetWanPPTPpath formSetWanPPTPcallback buffer overflow

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function formSetWanPPTPcallback of the file /goform/formSetWanPPTPpath of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. It is possible to...

CVE-2025-8169

Summary: CVE-2025-8169 affects the D-Link DIR-513 (v1.10) plaguing the HTTP POST request handler file, specifically the function formSetWanPPTPcallback in /goform/formSetWanPPTPpath. The vulnerability arises from improper handling of the curTime parameter, causing a buffer overflow that can be tr...

CVE-2025-8166 code-projects Church Donation System HTTP POST Request index.php sql injection

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection. It is possible to...

CVE-2025-8166 code-projects Church Donation System HTTP POST Request index.php sql injection

A vulnerability was found in code-projects Church Donation System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/index.php of the component HTTP POST Request Handler. The manipulation of the argument Username leads to sql injection. It is possible to...

CVE-2025-8166

CVE-2025-8166 affects code-projects Church Donation System 1.0. A SQL injection vulnerability exists in the HTTP POST Request Handler, specifically in /admin/index.php where manipulating the Username argument can be exploited remotely. The exploit has been disclosed publicly and may be used. Mult...

CVE-2014-125117

A stack-based buffer overflow vulnerability in the mycgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to the /common/info.cgi endpoint. This flaw enables an unauthenticated attacker to achieve remote code...

CVE-2014-125117 D-Link info.cgi POST Request Stack-Based Buffer Overflow RCE

A stack-based buffer overflow vulnerability in the mycgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to the /common/info.cgi endpoint. This flaw enables an unauthenticated attacker to achieve remote code...

CVE-2014-125117 D-Link info.cgi POST Request Stack-Based Buffer Overflow RCE

A stack-based buffer overflow vulnerability in the mycgi.cgi component of certain D-Link devices, including the DSP-W215 version 1.02, can be exploited via a specially crafted HTTP POST request to the /common/info.cgi endpoint. This flaw enables an unauthenticated attacker to achieve remote code...

CVE-2014-125117

CVE-2014-125117 : A stack-based buffer overflow in the my_cgi.cgi component of certain D‑Link devices, including DSP‑W215 v1.02, can be triggered by a crafted HTTP POST to /common/info.cgi, enabling unauthenticated remote code execution with system‑level privileges. Exploitation details indicate ...

CVE-2025-8159 D-Link DIR-513 HTTP POST Request formLanguageChange stack-based overflow

A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The...