CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

Vulnrichment•added 2025/06/24 12:0 a.m.•5 views

CVE-2021-41691

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via the "studentid" and "TRANSFERSCHOOL" parameters in POST request sent to /TransferredOutModal.php...

7.7AI score0.03729EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 9:55 a.m.•2 views

CVE-2024-28354

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.@smb%d.username in the apply.cgi interface, thereby gaining root shell privileges...

10CVSS7.8AI score0.01383EPSS

Exploits1References1

NVD•added 2024/03/15 8:15 a.m.•11 views

CVE-2024-28353

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...

8.8CVSS7.4AI score0.04891EPSS

Exploits1References1

Cvelist•added 2024/03/15 12:0 a.m.•13 views

CVE-2024-28353

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware version 2.10B01. An attacker can inject commands into the post request parameters usapps.config.smbadminname in the apply.cgi interface, thereby gaining root shell privileges...

7.7AI score0.04891EPSS

Exploits1References1

Prion•added 2023/06/06 2:15 p.m.•14 views

Command injection

There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges...

7.5CVSS9.8AI score0.27387EPSS

Exploits1References2Affected Software1

NVD•added 2023/05/23 1:15 a.m.•13 views

CVE-2023-31741

There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wlssid, wlant, wlrate, WLattenctl, ttcpnum, ttcpsize in the httpd s StartEPI function,...

7.2CVSS7.3AI score0.09076EPSS

Exploits1References2

Prion•added 2023/05/23 1:15 a.m.•18 views

Command injection

5.8CVSS7.3AI score0.09076EPSS

Exploits1References2Affected Software1

Cvelist•added 2023/05/23 12:0 a.m.•14 views

CVE-2023-31741

7.6AI score0.09076EPSS

Exploits1References2

Cvelist•added 2023/05/22 12:0 a.m.•11 views

CVE-2023-31742

There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wlant, wlrate, WLattenctl, ttcpnum, ttcpsize in the httpd s StartEPI function,...

7.6AI score0.73813EPSS

Exploits1References2

Cvelist•added 2021/01/22 8:30 a.m.•11 views

CVE-2021-22847 Hyweb HyCMS-J1 - SQL Injection

Hyweb HyCMS-J1's API fail to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without privilege...

8.8CVSS9.4AI score0.01142EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by