CVE-2026-9422

A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. The attack can be launched remotely. The exploit is publicly available and might be used...

CVE-2025-15218 Tenda AC10U POST Request Parameter AdvSetLanip fromadvsetlanip buffer overflow

A weakness has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Parameter Handler. Executing a manipulation of the argument lanMask can lead to buffer overflow. The...

CVE-2025-15218

The CVE-2025-15218 issue affects Tenda AC10U firmware versions 15.03.06.48–15.03.06.49. The vulnerability lies in the POST Request Parameter Handler, specifically the fromadvsetlanip function in /goform/AdvSetLanip, where manipulating the lanMask argument can trigger a buffer overflow. The impact...

EUVD-2025-18441

Malicious code in bioql PyPI...

CVE-2025-6131

A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads to cross site...

CVE-2025-6131

A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads to cross site...

CVE-2025-6131 CodeAstro Food Ordering System POST Request Parameter edit cross site scripting

A vulnerability, which was classified as problematic, was found in CodeAstro Food Ordering System 1.0. Affected is an unknown function of the file /admin/store/edit/ of the component POST Request Parameter Handler. The manipulation of the argument Restaurant Name/Address leads to cross site...

CVE-2025-25387

A SQL Injection vulnerability was found in /admin/manage-propertytype.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the propertytype POST request parameter...

CVE-2025-25356

A SQL Injection vulnerability was found in /admin/bwdates-reports-details.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the " todate" POST request parameter...

CVE-2024-53635

A Reflected Cross Site Scripting XSS vulnerability was found in /covid-tms/patient-search-report.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata POST request parameter...

CVE-2024-51054

A Cross Site Scriptng XSS vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter...

CVE-2024-51054

A Cross Site Scriptng XSS vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System 1.0, which allows remote attackers to execute arbitrary code via the "searchdata" POST request parameter...

CVE-2024-48744

A Reflected Cross Site Scripting XSS vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management System v2.1, which allows remote attackers to execute arbitrary code via "searchinput" POST request parameter...

CVE-2020-29596

MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service daemon crash via a long name for the first parameter in a POST request...

CVE-2019-19838

emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/cmdstat.jsp via the uploadFile attribute...