40968 matches found
CVE-2026-7550 SourceCodester Pharmacy Sales and Inventory System ajax.php save_customer sql injection
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=savecustomer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2026-7549 SourceCodester Pharmacy Sales and Inventory System ajax.php delete_customer sql injection
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=deletecustomer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been...
CVE-2026-7536
A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsfsessaddbyipaddress of the file /nbsf-management/v1/pcfBindings of the component BSF. Executing a manipulation of the argument ipv4Addr can lead to denial of service. The attack can be launched...
CVE-2026-7546 Totolink NR1800X lighttpd find_host_ip stack-based overflow
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. The impacted element is the function findhostip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been...
CVE-2026-7546
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. The impacted element is the function findhostip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been...
CVE-2026-7546
Totolink NR1800X firmware 9.1.0u.6279_B20210910 contains a stack-based overflow in lighttpd’s find_host_ip when Host is manipulated. This remote vulnerability has a publicly disclosed exploit. No remediation details are provided in the supplied documents.
EUVD-2026-26473
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. The impacted element is the function findhostip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been...
CVE-2026-7538 Totolink A8000RU CGI cstecgi.cgi vulnerability os command injection
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated remotely. The explo...
CVE-2026-7538 Totolink A8000RU CGI cstecgi.cgi vulnerability os command injection
A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated remotely. The explo...
CVE-2026-7535
A vulnerability was found in Open5GS up to 2.7.7. This affects the function amfnamfcommhandleregistrationstatusupdaterequest in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/ueContextId/transfer-update. Performing a manipulation of the argument ueContextId results in denia...
CVE-2026-7536
Open5GS BSF component (pcfBindings, function bsf_sess_add_by_ip_address in /nbsf-management/v1/pcfBindings) is affected up to version 2.7.7. Manipulating the ipv4Addr argument can cause a denial of service, with the attack executable remotely. The exploit has been publicly disclosed, and the Open...
CVE-2026-7535 Open5GS transfer-update denial of service
A vulnerability was found in Open5GS up to 2.7.7. This affects the function amfnamfcommhandleregistrationstatusupdaterequest in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/ueContextId/transfer-update. Performing a manipulation of the argument ueContextId results in denia...
CVE-2026-7535 Open5GS transfer-update denial of service
A vulnerability was found in Open5GS up to 2.7.7. This affects the function amfnamfcommhandleregistrationstatusupdaterequest in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/ueContextId/transfer-update. Performing a manipulation of the argument ueContextId results in denia...
EUVD-2026-26468
A vulnerability was found in Open5GS up to 2.7.7. This affects the function amfnamfcommhandleregistrationstatusupdaterequest in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/ueContextId/transfer-update. Performing a manipulation of the argument ueContextId results in denia...
CVE-2026-7535
Open5GS
CVE-2026-7519
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7519
Technical details are not publicly available in the provided documents. Monitor for updates.
EUVD-2026-26467
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7519 Fujian Apex LiveBOS Endpoint UploadImage.do path traversal
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to t...
CVE-2026-7518
A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...