765 matches found
CVE-2026-4194 D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...
CVE-2026-4194 D-Link DNS-1550-04 system_mgr.cgi cgi_set_wto access control
A vulnerability was detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...
PT-2026-25568
A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function...
PT-2026-25569
Name of the Vulnerable Software and Affected Versions D-Link DNS-120 D-Link DNR-202L D-Link DNS-315L D-Link DNS-320 D-Link DNS-320L D-Link DNS-320LW D-Link DNS-321 D-Link DNR-322L D-Link DNS-323 D-Link DNS-325 D-Link DNS-326 D-Link DNS-327L D-Link DNR-326 D-Link DNS-340L D-Link DNS-343 D-Link...
PT-2026-25554
A vulnerability was identified in D-Link DIR-816 1.10CNB05. The impacted element is an unknown function of the file redirect.asp of the component goahead. The manipulation of the argument token id leads to improper access controls. The attack may be initiated remotely. The exploit is publicly...
CVE-2026-0977
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...
CVE-2026-0977 IBM CICS Transaction Gateway for Multiplatforms Information Disclosure
IBM CICS Transaction Gateway for Multiplatforms 9.3 and 10.1 could allow a user to transfer or view files due to improper access controls...
EUVD-2026-10175
A weakness has been identified in Freedom Factory dGEN1 up to 20260221. This affects the function AndroidEthereum of the component org.ethosmobile.webpwaemul. This manipulation causes improper access controls. Remote exploitation of the attack is possible. The attack is considered to have high...
EUVD-2025-208144
A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...
PT-2026-22545
A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-3268
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
EUVD-2026-8926
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
CVE-2026-3268
CVE-2026-3268 affects psi-probe up to 5.3.0. The vulnerability is located in psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java (Session Attribute Handler) and is caused by a manipulation that leads to improper access controls. Attacks can be initiated r...
PT-2026-22227
Name of the Vulnerable Software and Affected Versions PSI Probe versions up to 5.3.0 Description A flaw exists in PSI Probe that involves improper access controls. This issue is related to a function within the...
CVE-2026-2938
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...
CVE-2026-2938 SourceCodester Student Result Management System update_smtp.php access control
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...
CVE-2026-2938
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/updatesmtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit ha...
CVE-2026-2938
The CVE-2026-2938 entry relates to SourceCodester Student Result Management System 1.0, affecting the file /srms/script/admin/core/update_smtp.php. The root cause is an unspecified function allowing improper access controls, enabling remote initiation of an attack. Public exploit disclosure is no...
CVE-2026-2852
A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\src\main\java\com\yeqifu\bus\controller\SalesController.java of the component Sales Endpoint. The...
CVE-2026-2849
The CVE affects yeqifu warehouse (up to commit aaf29962ba407d22d991781de28796ee7b4670e4). The vulnerable component is the Cache Sync Handler, specifically the CacheController.java functions deleteCache, removeAllCache, and syncCache. The root cause is improper access controls in these methods, en...