6 matches found
EUVD-2026-21392
SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in updatepassword.php via the newpassword parameter...
CVE-2025-54403
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related ...
CVE-2025-54403
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500 v1.3411b190912. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is related ...
CVE-2025-54403
Planet WGR-500 v1.3411b190912 has multiple OS command injection flaws in the swctrl service. A UDP-based protocol accepts commands with a header containing PLANETut and a 0x90 change settings path, where attacker-supplied, nibble-decoded inputs are used to build shell commands via system(). The v...
Planet WGR-500 安全漏洞
The Planet WGR-500 is a WiFi router from Planet in Taiwan, China. A security vulnerability exists in Planet WGR-500 v1.3411b190912, which stems from improper manipulation of the newpassword request parameter, which could lead to arbitrary command execution...
File Tracker Manager System SQL Injection Vulnerability
File Tracker Manager System is a file tracker manager system. File Tracker Manager System v1.0 suffers from a SQL injection vulnerability, which originates from the lack of validation of the parameter newpassword in the file register/updatepassword.php against externally entered SQL statements. A...