688 matches found
CVE-2026-9296 Edimax BR-6428NS POST Request formWlanM system command injection
A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument...
PT-2026-42874
A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument...
CVE-2026-3294
An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...
CVE-2026-8737
A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java of the component Trade Address Query Handler. Executing a manipulation of the argume...
CVE-2021-47979
WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers can send POST requests to admin-ajax.php with crafted filename and foldername parameters to delete...
EUVD-2026-29368
SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...
CVE-2026-34258
SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...
CVE-2026-34258 Content Spoofing vulnerability in SAPUI5 (Search UI)
SAPUI5 Search UI allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may mislead victim users into clicking and accessing attacker-controlled pages rendered by the application. This vulnerability has a low...
CVE-2026-7612
A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edituser.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may ...
CVE-2026-42517
This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for protecting sensitive data. An authenticated attacker could exploit this vulnerability by decoding and manipulating Base64-encoded parameters in the request URL to gain unauthorized access to sensitive...
CVE-2026-42517
The CVE-2026-42517 entry affects the e-Sushrut HMIS system, where a vulnerability arises from using reversible Base64 encoding to protect sensitive data. The root cause is that sensitive parameters in the request URL are Base64-encoded rather than securely protected, allowing an authenticated att...
CVE-2026-42516
This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system...
CVE-2026-42515
This vulnerability exists in e-Sushrut due to improper access control in resource access validation. An authenticated attacker could exploit this vulnerability by manipulating parameter in the API request URL to gain unauthorized access to sensitive information of patients on the targeted system...
PT-2026-35883
Name of the Vulnerable Software and Affected Versions e-Sushrut affected versions not specified Description Improper access control in resource access validation allows an authenticated attacker to gain unauthorized access to sensitive patient information by manipulating parameters in the API...
CDAC e-Sushrut 安全漏洞
CDAC e-Sushrut is a system platform provided by the Indian CDAC company that handles hospital information management and medical process support. There is a security vulnerability in CDAC e-Sushrut. This vulnerability stems from the use of reversible Base64 encoding to protect sensitive data. It...
CVE-2026-7138
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tz results in os command injection. The attack can be executed remotely. The explo...
EUVD-2026-24750
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...
CVE-2026-6356 CVE-2026-6356
A vulnerability in the web application allows standard users to escalate their privileges to those of a super administrator through parameter manipulation, enabling them to access and modify sensitive information...