40978 matches found
CVE-2026-6561
A vulnerability was detected in EyouCMS up to 1.7.1. This issue affects the function editadminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. The attack is possible to be carried out remotely. The exploit ...
CVE-2026-6562 dameng100 muucmf index.html getListByPage sql injection
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562 dameng100 muucmf index.html getListByPage sql injection
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
CVE-2026-6562
CVE-2026-6562 affects dameng100 muucmf 1.9.5.20260309. The vulnerable component is getListByPage in /index/Search/index.html. Manipulating the keyword argument enables SQL injection from remote, with exploit published. Vendor was contacted but did not respond.
CVE-2026-6560
A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...
CVE-2026-6561
A vulnerability was detected in EyouCMS up to 1.7.1. This issue affects the function editadminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. The attack is possible to be carried out remotely. The exploit ...
CVE-2026-6561 EyouCMS Index.php edit_adminlogo unrestricted upload
A vulnerability was detected in EyouCMS up to 1.7.1. This issue affects the function editadminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. The attack is possible to be carried out remotely. The exploit ...
CVE-2026-6560
A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...
CVE-2026-6560 H3C Magic B0 aspForm Edit_BasicSSID buffer overflow
A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...
CVE-2026-6560 H3C Magic B0 aspForm Edit_BasicSSID buffer overflow
A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...
CVE-2026-6560
CVE-2026-6560 affects H3C Magic B0 devices up to version 100R002. The vulnerability lies in the function Edit_BasicSSID of the file /goform/aspForm, where manipulation of the input parameter leads to a buffer overflow. The flaw can be exploited remotely, and exploits have been disclosed publicly....
PT-2026-33620
A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be use...
PT-2026-33642
A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulation leads to missing authentication. The attack can be initiated remotely. The exploit is publicly...
PT-2026-33650
Name of the Vulnerable Software and Affected Versions liangliangyy DjangoBlog versions prior to 2.1.0.0 Description An issue exists in the Amap API Call Handler component within the file 'owntracks/views.py'. Manipulation of the key argument leads to the use of a hard-coded cryptographic key. Thi...
PT-2026-33655
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get budget/update budget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely...
PT-2026-33626
A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated...
PT-2026-33631
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely...
PT-2026-33654
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update organisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisation id causes authorization...
PT-2026-33629
A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipulation of the argument group role can lead to authorization bypass. The attack may be launched...