CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/26 5:30 a.m.•9 views

EUVD-2026-31796

A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...

CVE•added 2026/05/26 5:30 a.m.•23 views

CVE-2026-9534

Summary: Totolink CA750-PoE firmware 6.2c.510 is affected by a vulnerability in the Setting Handler (file /cgi-bin/cstecgi.cgi, function setWiFiWpsConfig). A manipulation of the PIN argument can lead to an OS command injection, and the attack can be launched remotely. The exploit has been publish...

Vulnrichment•added 2026/05/26 5:0 a.m.•10 views

CVE-2026-9532 Totolink CA750-PoE Setting cstecgi.cgi setUploadUserData os command injection

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

6.5CVSS6.3AI score0.01057EPSS

CVE•added 2026/05/26 5:0 a.m.•17 views

CVE-2026-9532

CVE-2026-9532 affects Totolink CA750-PoE 6.2c.510. The vulnerability lies in the Setting Handler’s file /cgi-bin/cstecgi.cgi function setUploadUserData where manipulation of the argument FileName leads to an OS command injection . The issue is reported as exploitable from remote with the exploit ...

6.5CVSS6.3AI score0.01057EPSS

EUVD•added 2026/05/26 5:0 a.m.•10 views

EUVD-2026-31794

6.5CVSS6.3AI score0.01057EPSS

Vulnrichment•added 2026/05/26 4:45 a.m.•6 views

CVE-2026-9531 Totolink CA750-PoE Setting cstecgi.cgi setUpgradeUboot os command injection

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

ATTACKERKB•added 2026/05/26 4:45 a.m.•6 views

CVE-2026-9531

Exploits0References5Affected Software1

NVD•added 2026/05/26 4:16 a.m.•12 views

CVE-2026-9523

A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument...

NVD•added 2026/05/26 4:16 a.m.•17 views

CVE-2026-9525

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /admin/editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...

Cvelist•added 2026/05/26 4:0 a.m.•34 views

CVE-2026-9528 itsourcecode Electronic Judging System delete_judge.php sql injection

A vulnerability was identified in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /admin/deletejudge.php. Such manipulation of the argument judgeid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be...

EUVD•added 2026/05/26 4:0 a.m.•10 views

EUVD-2026-31785

7.5CVSS5.8AI score0.00319EPSS

Vulnrichment•added 2026/05/26 4:0 a.m.•5 views

CVE-2026-9528 itsourcecode Electronic Judging System delete_judge.php sql injection

7.5CVSS7AI score0.00319EPSS

CVE•added 2026/05/26 4:0 a.m.•14 views

CVE-2026-9528

The CVE-2026-9528 entry concerns itsourcecode Electronic Judging System 1.0. Affected component: /admin/delete_judge.php; vulnerability arises from manipulation of the judge_id parameter, enabling SQL injection. Attacker can exploit remotely; public exploit is available per the description. No re...

7.5CVSS7AI score0.00319EPSS

CVE•added 2026/05/26 3:45 a.m.•13 views

CVE-2026-9527

CVE-2026-9527 affects itsourcecode Electronic Judging System 1.0. The vulnerability resides in /admin/judges.php where manipulating the fname parameter triggers cross-site scripting. Remote exploitation is possible, and the exploit has been publicly disclosed (POC). Metrics indicate CVSS v3.1 bas...

5.3CVSS4.4AI score0.00336EPSS

Cvelist•added 2026/05/26 3:30 a.m.•36 views

CVE-2026-9526 itsourcecode Electronic Judging System edit_team.php sql injection

A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/editteam.php. The manipulation of the argument numid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be use...

EUVD•added 2026/05/26 3:30 a.m.•8 views

EUVD-2026-31786

7.5CVSS5.7AI score0.00319EPSS

CVE•added 2026/05/26 2:45 a.m.•13 views

CVE-2026-9524

The CVE-2026-9524 entry concerns xianrendzw EasyReport (up to 2.0.17.0522_Beta). The vulnerable component is the REST Endpoint’s execute function, where manipulating the argument reportParams can cause SQL injection. This vulnerability enables remote execution with LOW privileges required and no ...

6.5CVSS6.4AI score0.00246EPSS

ATTACKERKB•added 2026/05/26 2:45 a.m.•7 views

CVE-2026-9524

A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportParams can lead to sql injection. The attack can be launched remotely. The vendor was contacted early...

6.5CVSS6.4AI score0.00246EPSS

Exploits0References5Affected Software1

EUVD•added 2026/05/26 2:45 a.m.•8 views

EUVD-2026-31783

6.5CVSS6.4AI score0.00246EPSS