Lucene search
K

105621 matches found

Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.15 views

PT-2026-43215

Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit union-based or time-based blind SQL injection payloads to extract sensitive database information...

8.8CVSS5.9AI score0.00309EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.14 views

PT-2026-43046

A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument FileName causes os command injection. The attack is possibl...

10CVSS7AI score0.02094EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.18 views

PT-2026-42991

A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed publicly...

5.3CVSS4.2AI score0.00263EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/24 11:30 p.m.15 views

EUVD-2026-31606

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed...

10CVSS7AI score0.01732EPSS
Exploits0References5
NVD
NVD
added 2026/05/24 11:16 p.m.26 views

CVE-2026-9403

A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The...

9CVSS0.00445EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/24 10:45 p.m.17 views

CVE-2026-9403

A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. The attack may be initiated remotely. The...

9CVSS6.2AI score0.00445EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/24 10:0 p.m.13 views

CVE-2026-9400

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

6.5CVSS5.6AI score0.01158EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/24 10:0 p.m.11 views

EUVD-2026-31603

A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of the argument subdir can lead to command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References4
NVD
NVD
added 2026/05/24 3:16 p.m.18 views

CVE-2026-9389

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used...

9CVSS0.00438EPSS
Exploits0References5
NVD
NVD
added 2026/05/24 2:16 p.m.19 views

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS0.00254EPSS
Exploits0References5
CVE
CVE
added 2026/05/24 2:15 p.m.28 views

CVE-2026-9387

CVE-2026-9387 affects Totolink A8000RU Web Management, specifically the /cgi-bin/cstecgi.cgi function setUpgradeFW. The vulnerability arises from manipulation of the resetFlags argument, leading to OS command injection. Impact is described as remote, with high confidentiality, integrity, and avai...

10CVSS7AI score0.01732EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/24 2:0 p.m.12 views

CVE-2026-9386

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument lang leads to os command injection. The attack may be performed from remote...

10CVSS7.1AI score0.01732EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/24 1:15 p.m.10 views

CVE-2026-9383

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/24 11:45 a.m.10 views

CVE-2026-9379

A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argument pinCode causes command injection. The attack can be initiated remotely. The exploit has been ma...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/24 11:0 a.m.14 views

CVE-2026-9377

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/24 11:0 a.m.19 views

CVE-2026-9377 SourceCodester SUP Online Shopping productedit.php cross site scripting

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is...

4.8CVSS0.00202EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/24 10:45 a.m.14 views

CVE-2026-9376

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Executing a manipulation of the argument id/userId can lead to improper authorization. The attack may be...

6.5CVSS6.2AI score0.00252EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/24 7:0 a.m.7 views

CVE-2026-9362 Edimax EW-7438RPn Setting formConnectionSetting command injection

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument maxConn/timeOut leads to command injection. The attack...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/24 6:15 a.m.16 views

CVE-2026-9360 Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

9CVSS0.00445EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/24 6:15 a.m.9 views

CVE-2026-9360 Edimax EW-7438RPn POST Request formwlencrypt24g buffer overflow

A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. The attack can be launched remotely...

9CVSS7.8AI score0.00445EPSS
Exploits0References4
Rows per page
Query Builder