981 matches found
CVE-2026-5018
A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The explo...
CVE-2026-5101
A vulnerability was identified in Totolink A3300R 17.0.0cu.557b20221024. This affects the function setLanCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument lanIp leads to command injection. Remote exploitation of the attack is possible. The...
CVE-2026-5101
Totolink A3300R 17.0.0cu.557_b20221024 is affected. The vulnerability resides in the Parameter Handler’s /cgi-bin/cstecgi.cgi, specifically the setLanCfg function, where manipulating the lanIp argument leads to command injection. Remote exploitation is possible, and an exploit is publicly availab...
EUVD-2026-17031
A vulnerability was detected in Tenda FH1201 1.2.0.14408. This impacts the function WrlclientSet of the file /goform/WrlclientSet of the component Parameter Handler. Performing a manipulation of the argument GO results in stack-based buffer overflow. The attack is possible to be carried out...
CVE-2026-5046
A flaw has been found in Tenda FH1201 1.2.0.14408. Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit...
CVE-2026-5046
CVE-2026-5046 affects Tenda FH1201 1.2.0.14(408). The vulnerability is in the Parameter Handler, specifically the formWrlExtraSet function in /goform/WrlExtraSet. A crafted manipulation of the GO argument can trigger a stack-based buffer overflow, with remote exploitation reported. The issue is r...
CVE-2026-5046
A flaw has been found in Tenda FH1201 1.2.0.14408. Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit...
CVE-2026-5046 Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet stack-based overflow
A flaw has been found in Tenda FH1201 1.2.0.14408. Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit...
CVE-2026-5046 Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet stack-based overflow
A flaw has been found in Tenda FH1201 1.2.0.14408. Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit...
CVE-2026-5045 Tenda FH1201 Parameter WrlclientSet stack-based overflow
A vulnerability was detected in Tenda FH1201 1.2.0.14408. This impacts the function WrlclientSet of the file /goform/WrlclientSet of the component Parameter Handler. Performing a manipulation of the argument GO results in stack-based buffer overflow. The attack is possible to be carried out...
CVE-2026-5045
Affected product: Tenda FH1201 firmware 1.2.0.14(408). Component/Function: Parameter Handler, WrlclientSet (/goform/WrlclientSet). Root cause: manipulation of the argument GO leads to a stack-based buffer overflow. Impact: remote code execution risk with high impact on confidentiality, integrity,...
EUVD-2026-16987
A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be...
CVE-2026-5043
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is...
CVE-2026-5043 Belkin F9K1122 Parameter formSetPassword stack-based overflow
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is...
CVE-2026-5042 Belkin F9K1122 Parameter formCrossBandSwitch stack-based overflow
A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be...
CVE-2026-5042 Belkin F9K1122 Parameter formCrossBandSwitch stack-based overflow
A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be...
CVE-2026-5042
CVE-2026-5042 affects Belkin F9K1122 running 1.00.33. The vulnerability lies in the Parameter Handler’s function formCrossBandSwitch; manipulating the argument webpage triggers a stack-based buffer overflow. This is a network-accessible issue with high impact on confidentiality, integrity, and av...
EUVD-2026-16979
A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /viewwork.php of the component Parameter Handler. Such manipulation of the argument enid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-5035
A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /viewwork.php of the component Parameter Handler. Such manipulation of the argument enid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2026-5035 code-projects Accounting System Parameter view_work.php sql injection
A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /viewwork.php of the component Parameter Handler. Such manipulation of the argument enid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...