26 matches found
CVE-2019-25543
Netartmedia Real Estate Portal 5.0 contains an unauthenticated SQL injection in the page parameter (via index.php) that allows attackers to manipulate queries, potentially bypass authentication and access or modify data. The vulnerability affects the server-side SQL handling of the page field. CV...
EUVD-2020-22898
Malware in sbrugna...
EUVD-2010-3057
Malware in sbrugna...
EUVD-2024-35144
Malicious code in bioql PyPI...
EUVD-2022-37493
Malicious code in bioql PyPI...
EUVD-2025-16750
Malicious code in bioql PyPI...
CVE-2024-56343 IBM Verify Identity Access Digital Credentials denial of service
IBM Verify Identity Access Digital Credentials 24.06 could allow an authenticated user to crash the service with a specially crafted POST request...
CVE-2024-57479
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the MAC address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/we...
CVE-2022-34576
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request...
CVE-2022-34212
A missing permission check in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request to an attacker-specified URL...
CVE-2025-46052
CVE-2025-46052 involves WebERP v4.15.2 with an error-based SQL Injection affecting the DEL form field in a POST request to /StockCounts.php. The underlying issue allows an attacker to execute arbitrary SQL and extract sensitive data. Multiple connected sources confirm the vulnerable endpoint and ...
CVE-2025-45020
A SQL Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of PHPGurukul Park Ticketing Management System v2.0. This vulnerability allows remote attackers to execute arbitrary SQL code via the todate parameter in a POST request...
CVE-2024-54959
Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack through the Favorites component, enabling POST-based Cross-Site Scripting (XSS)...
CVE-2025-1108
Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This allows an unauthenticated attacker to modify the content of emails sent to reset the password. To exploit the vulnerability, the attacker must create a POST request by injecting malicious content into...
CVE-2025-1107
Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another user's password without knowing their current password. To exploit the vulnerability, the attacker must create a specific POST request and send it to the endpoi...
CVE-2025-1107 Unverified password change vulnerability in Janto
Unverified password change vulnerability in Janto, versions prior to r12. This could allow an unauthenticated attacker to change another user's password without knowing their current password. To exploit the vulnerability, the attacker must create a specific POST request and send it to the endpoi...
CVE-2024-57473
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the MAC address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to...
OpenEMR has an unspecified vulnerability (CNVD-2024-31488)
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. A security vulnerability exists in OpenEMR version 7.0.2. An attacker can exploit...
D-Link DAP-2660 security vulnerability
The D-Link DAP-2660 is a wireless device from China AUO D-Link. A security vulnerability exists in D-Link DAP-2660 v1.13, which stems from a buffer overflow vulnerability in the parameter fipv6enable. An attacker can exploit the vulnerability by crafting a POST request...
CVE-2022-1248
A vulnerability was found in SAP Information System 1.0 which has been rated as critical. Affected by this issue is the file /SAPInformationSystem/controllers/addadmin.php. An unauthenticated attacker is able to create a new admin account for the web application with a simple POST request. Exploi...