Lucene search
+L

981 matches found

NVD
NVD
added 2026/05/09 4:16 p.m.20 views

CVE-2026-8188

A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...

8.8CVSS0.05454EPSS
Exploits1References4
CVE
CVE
added 2026/05/04 8:15 a.m.23 views

CVE-2026-7747

CVE-2026-7747 affects Totolink N300RH (firmware 3.2.4-B20220812). The vulnerability lies in the Parameter Handler’s file /cgi-bin/cstecgi.cgi, specifically the loginauth function where manipulating the Password argument can cause a buffer overflow. It is network-borne with no authentication requi...

10CVSS7.7AI score0.00606EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/04 8:15 a.m.5 views

CVE-2026-7747

A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be...

10CVSS7.7AI score0.00606EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/04 12:0 a.m.10 views

TOTOLINK N300RH 缓冲区错误漏洞

TOTOLINK N300RH is a long-range wireless router produced by TOTOLINK Corporation. The version TOTOLINK N300RH 3.2.4-B20220812 contains a buffer overflow vulnerability. This vulnerability arises from the loginauth function in the Parameter Handler component, where the handling of the Password...

10CVSS7.8AI score0.00606EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/27 2:15 p.m.3 views

CVE-2026-7131

A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.5CVSS5.5AI score0.00254EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.10 views

Code-Projects Online Lot Reservation System 注入漏洞

Code-Projects Online Lot Reservation System is an open-source online reservation system developed by Code-Projects. Versions of the Code-Projects Online Lot Reservation System prior to 1.0 contained a SQL injection vulnerability, which stemmed from the handling of parameters email/password in the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.23 views

PT-2026-35436

A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.5CVSS5.5AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.16 views

PT-2026-35379

A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update user.php of the component MD5 Hash Handler. This manipulation of the argument Password causes use of weak hash. The attack is possible to be carried out remotely. The attack's...

6.3CVSS4.2AI score0.00188EPSS
Exploits0References6
NVD
NVD
added 2026/04/26 11:16 p.m.11 views

CVE-2026-7063

A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is possible to be carrie...

7.5CVSS0.00254EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/26 10:30 p.m.2 views

CVE-2026-7063

A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is possible to be carrie...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.12 views

Code-Projects Employee Management System 注入漏洞

Code-Projects Employee Management System is an open-source employee management system developed by Code-Projects. Version 1.0 of the Code-Projects Employee Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of the pwd parameter in the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.8 views

PT-2026-35270

A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is possible to be carrie...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References6
CNVD
CNVD
added 2026/04/24 12:0 a.m.9 views

TOTOLINK A3300R password parameter command injection vulnerability

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R password parameter, which can be exploited by an attacker to execute arbitrary commands by sending malicious data to the password parameter of...

6.5CVSS6AI score0.00279EPSS
Exploits1
EUVD
EUVD
added 2026/04/23 6:33 p.m.15 views

EUVD-2026-25239

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
NVD
NVD
added 2026/04/23 6:16 p.m.8 views

CVE-2026-31159

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS0.00279EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/23 12:0 a.m.7 views

PT-2026-34670

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557 B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/23 12:0 a.m.4 views

CVE-2026-31159

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.5CVSS6.1AI score0.00279EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

TOTOLINK A3300R 命令注入漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R password parameter, which can be exploited by an attacker to execute arbitrary commands by sending malicious data to the password parameter of...

6.5CVSS6AI score0.00279EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/23 12:0 a.m.6 views

CVE-2026-31159

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

6.1AI score0.00279EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/23 12:0 a.m.44 views

CVE-2026-31159

An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi...

0.00279EPSS
Exploits1References1
Rows per page
Query Builder