14 matches found
CVE-2025-15217
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely...
CVE-2025-56082
OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowing attackers to execute arbitrary commands via a crafted POST request to the checkchanges in file /usr/lib/lua/luci/controller/admin/common.lua...
Linux Distros Unpatched Vulnerability : CVE-2022-0427
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POS...
Exploit for SQL Injection in Mayurik Online_Tour_&_Travel_Management_System
CVE-2025-8971 SQL Injection Author: Byte Reaper Des...
PT-2024-7244 · D Link · D-Link Dir-605L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: The issue is related to a buffer overflow vulnerability in the formSetWanPPPoE function of the /goform/formSetWanPPPoE file. This vulnerability can be exploited by sending a specially crafted...
CVE-2023-5495
A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata0title/searchdata0searchfield/searchdata0searchvalue...
2023 Online Course Registration 1.0 SQL Injection
Title: 2023-Online-Course-Registration-1.0-Bypass-login-SQLi-RCE-password-changing Author: nu11secur1ty Date: 05.25.2023 Vendor: https://github.com/nikhilkeshava Software: https://github.com/nikhilkeshava/online-course-registration- Reference: https://portswigger.net/web-security/sql-injection,...
TRENDnet Multiple Products Code Issue Vulnerability
TRENDnet TEW-755AP and others are routers from Trendnet, a US-based company. Several Trendnet products are vulnerable to a null pointer dereference. A remote attacker could use the vulnerability to send POST requests to applycgi via the lang operation without a language key, resulting in a denial ...
Engelsystem Cross-Site Request Forgery Vulnerability
Engelsystem is a shift planning system. The system includes features such as team management, event management, attendance management and mail system. A cross-site request forgery vulnerability exists in versions prior to Engelsystem commit hash 2e28336. A remote attacker can exploit this...
D-Link DIR-130 and DIR-330 Authentication Vulnerability
The D-Link DIR-130 and DIR-330 are both wireless router products from AUO D-Link. An authentication vulnerability exists in the D-Link DIR-130 with firmware version 1.23a and the DIR-330 with firmware version 1.12. A remote attacker can exploit this vulnerability by manipulating a POST request to...
Huawei Flybox B660 - Cross-Site Request Forgery Vulnerability
Exploit for hardware platform in category web applications. Document Title: Huawei Flybox B660 - POST Reboot CSRF Vulnerability. References (Source): https://www.vulnerability-lab.com/getcontent.php?id=2025 Release Date: 2017-01-10 Vulnerability...
PayPal GP+ Cross Site Scripting
Document Title: Paypal Inc Bug Bounty 47 ALYZ - Persistent Search Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=807 PayPal Security UID: dx1f89rtd Release Date: 2013-11-19 Vulnerability Laboratory ID VL-ID:...
Paypal Inc BB #47 ALYZ - Persistent Search Vulnerability
Document Title: Paypal Inc BB 47 ALYZ - Persistent Search Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=807 PayPal Security UID: dx1f89rtd Release Date: 2013-11-18 Vulnerability Laboratory ID VL-ID:...
Ubiquiti AirOS 5.5.2 - (Authenticated) Remote Command Execution
#!/usr/bin/python Exploit Title : Ubiquiti AirOS 0x90.nl Software link : http://www.ubnt.com/eula/?BACK=/downloads/XM-v5.5.2.build14175.bin Vendor site :...