Lucene search
K

54827 matches found

Vulnrichment
Vulnrichment
added 2025/12/11 3:2 p.m.4 views

CVE-2025-14519 baowzh hfly advtext add cross site scripting

A security flaw has been discovered in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. This issue affects some unknown processing of the file /admin/index.php/advtext/add of the component advtext Module. The manipulation results in cross site scripting. The attack can be executed...

5.1CVSS5AI score0.00217EPSS
Exploits1References4
EUVD
EUVD
added 2025/12/11 3:2 p.m.9 views

EUVD-2025-202698

A security flaw has been discovered in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. This issue affects some unknown processing of the file /admin/index.php/advtext/add of the component advtext Module. The manipulation results in cross site scripting. The attack can be executed...

5.1CVSS4.9AI score0.00217EPSS
Exploits1References5
CVE
CVE
added 2025/12/11 3:2 p.m.17 views

CVE-2025-14519

CVE-2025-14519 affects baowzh hfly 代表 version lineage prior to 638ff9abe9078bc977c132b37acbe1900b63491c, specifically the advtext Module’s /admin/index.php/advtext/add path. The root cause is cross-site scripting (XSS) in the processing of that file, enabling remote execution of the exploit. Publ...

5.4CVSS5AI score0.00217EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/12/11 3:2 p.m.31 views

CVE-2025-14519 baowzh hfly advtext add cross site scripting

A security flaw has been discovered in baowzh hfly up to 638ff9abe9078bc977c132b37acbe1900b63491c. This issue affects some unknown processing of the file /admin/index.php/advtext/add of the component advtext Module. The manipulation results in cross site scripting. The attack can be executed...

5.1CVSS0.00217EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2025/12/11 9:2 a.m.8 views

Apache HTTP Server: mod_md (ACME), unintended retry intervals

...

7.5CVSS7AI score0.00402EPSS
Exploits0
EUVD
EUVD
added 2025/12/11 6:34 a.m.5 views

EUVD-2025-202665

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS6.4AI score0.00306EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/11 6:34 a.m.29 views

CVE-2025-67738

squid/cachemgr.cgi in Webmin before 2.600 does not properly quote arguments. This is relevant if Webmin's Squid module and its Cache Manager feature are available, and an untrusted party is able to authenticate to Webmin and has certain Cache Manager permissions the "cms" security option...

8.5CVSS0.00306EPSS
Exploits0References3
Fedora
Fedora
added 2025/12/11 1:1 a.m.8 views

[SECURITY] Fedora 42 Update: perl-CGI-Simple-1.282-1.fc42

Simple totally OO CGI interface that is CGI.pm compliant...

7.3CVSS7AI score0.00431EPSS
Exploits0
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.5 views

Ruijie M18 安全漏洞

Ruijie M18 is a WiFi router from China Ruijie Ruijie. A security vulnerability exists in the Ruijie M18 EW3.01B11P226M1810223116 version, which originates from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devconfig/configretain.lua, which could le...

8.8CVSS6.9AI score0.02244EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.4 views

CVE-2025-56101

OS Command Injection vulnerability in Ruijie M18 EW3.01B11P226M1810223116 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

7.5AI score0.02486EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.4 views

Ruijie X60 PRO 安全漏洞

Ruijie X60 PRO is a home wireless router from China Ruijie Ruijie. A security vulnerability exists in Ruijie X60 PRO X6010212014RG-X60 PRO version V1.00V2.00, which originates from improper handling of a specially crafted POST request for moduleset in the file /usr/local/lua/devsta/nbrcwmp.lua,...

8.8CVSS6.9AI score0.02244EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.4 views

PT-2025-50661

Name of the Vulnerable Software and Affected Versions Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 Description An issue exists in Ruijie RG-EW1800GX version B11P226 EW1800GX 10223121 that allows attackers to execute arbitrary commands. This is possible through a crafted POST request to th...

8.8CVSS7AI score0.02627EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.3 views

CVE-2025-56090

OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devconfig/configretain.lua...

7.5AI score0.02627EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.4 views

PT-2025-50672

Name of the Vulnerable Software and Affected Versions Ruijie RG-YST AP versions 3.01B11P280YST250F Description An OS Command Injection issue exists in Ruijie RG-YST AP. An attacker can execute arbitrary commands by sending a specially crafted POST request to the /usr/lib/lua/luci/modules/common.l...

8.8CVSS7.6AI score0.01451EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.4 views

CVE-2025-56106

OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226EW1800GX10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

7.5AI score0.02486EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.9 views

PT-2025-50691

Name of the Vulnerable Software and Affected Versions Ruijie RG-S1930 versions S1930SWITCH 3.01B11P230 Description An OS Command Injection issue exists in Ruijie RG-S1930. Successful exploitation allows attackers to execute arbitrary commands. This is achieved by sending a crafted POST request to...

8.8CVSS7.2AI score0.01809EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/11 12:0 a.m.21 views

CVE-2025-56118

OS Command Injection vulnerability in Ruijie X60 PRO X6010212014RG-X60 PRO V1.00/V2.00 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleset in file /usr/local/lua/devsta/nbrcwmp.lua...

0.02244EPSS
Exploits1References3
CVE
CVE
added 2025/12/11 12:0 a.m.21 views

CVE-2025-56124

CVE-2025-56124 affects Ruijie X60 PRO routers (V1.00–V2.00). The vulnerability is an OS Command Injection in the module_get function invoked via a crafted POST to /usr/local/lua/dev_sta/networkConnect.lua, allowing an attacker to execute arbitrary commands with local privileges. Multiple sources ...

7.8CVSS7.5AI score0.01135EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/11 12:0 a.m.2 views

CVE-2025-56122

OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226EW1800GX-PRO10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the moduleget in file /usr/local/lua/devsta/networkConnect.lua...

7.5AI score0.02308EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.6 views

Ruijie RG-EW1800GX 安全漏洞

Ruijie RG-EW1800GX is a wireless router from Ruijie China. A security vulnerability exists in the Ruijie RG-EW1800GX that originates from unverified input to the moduleset function in the file /usr/local/lua/devsta/nbrcwmp.lua, which could lead to an OS command injection attack...

8.8CVSS7.2AI score0.0185EPSS
Exploits0References3
Rows per page
Query Builder