41208 matches found
CVE-2026-5041
CVE-2026-5041 affects code-projects Chamber of Commerce Membership Management System 1.0. The vulnerability is in the fwrite usage of admin/pageMail.php, where manipulating the arguments mailSubject/mailMessage enables command injection. The attack could be remote and publicly available exploit c...
EUVD-2026-16981
A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely...
CVE-2026-5036
CVE-2026-5036 affects Tenda 4G06 04.06.01.29. The vulnerability is in the fromDhcpListClient function in /goform/DhcpListClient (Endpoint component) where manipulating the page argument causes a stack-based buffer overflow. It can be exploited remotely, and public exploitation exists. Affected so...
CVE-2026-5036 Tenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflow
A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely...
CVE-2026-5035
CVE-2026-5035 affects code-projects Accounting System 1.0, specifically the Parameter Handler’s file /view_work.php. The vulnerability arises from manipulation of the en_id argument, leading to a SQL injection. It is remotely exploitable and an exploit has been disclosed publicly. Multiple connec...
EUVD-2026-16973
A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control of resource identifiers. The attack can be launched remotely...
CVE-2026-5033
A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewcostumer.php of the component Parameter Handler. The manipulation of the argument cosid results in sql injection. The attack may be performed from remot...
CVE-2026-5034
A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /editcostumer.php of the component Parameter Handler. This manipulation of the argument cosid causes sql injection. It is possible to initiate the attack remotely. The...
CVE-2026-5034
The CVE-2026-5034 issue affects code-projects Accounting System 1.0, specifically the Parameter Handler’s /edit_costumer.php. The cos_id argument manipulation enables SQL injection, with remote exploitation possible and an exploit published. Multiple feeds (NVD, Red Hat, ENISA EUVD, CIRCL, CVE li...
CVE-2026-5033 code-projects Accounting System Parameter view_costumer.php sql injection
A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewcostumer.php of the component Parameter Handler. The manipulation of the argument cosid results in sql injection. The attack may be performed from remot...
CVE-2026-5033
CVE-2026-5033 affects code-projects Accounting System 1.0, specifically the /view_costumer.php component under Parameter Handler. It allows manipulation of the cos_id argument to trigger SQL injection, with remote access and public exploits reported. Multiple sources (NVD, Red Hat, CIRCL, CVE lis...
CVE-2026-5031
A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control of resource identifiers. The attack can be launched remotely...
CVE-2026-5031 BichitroGan ISP Billing Software Endpoint users-view resource injection
A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control of resource identifiers. The attack can be launched remotely...
CVE-2026-5031
CVE-2026-5031 affects BichitroGan ISP Billing Software 2025.3.20. The vulnerability is in the Endpoint component, specifically the unknown function at the file path /?_route=settings/users-view/. The issue arises from manipulation of the argument ID , causing improper control of resource identifi...
CVE-2026-5024
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...
CVE-2026-5030 Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection
A vulnerability has been found in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument hosttime leads to command injection. The attack can be initiated remotely. Th...
CVE-2026-5024 D-Link DIR-513 formSetEmail stack-based overflow
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...
CVE-2026-5024
The report concerns D-Link DIR-513 (1.10). A vulnerability in the formSetEmail function (/goform/formSetEmail) arises from manipulating the curTime argument, causing a stack-based buffer overflow. The flaw is remotely exploitable and an exploit has been published. The affected product is no longe...
CVE-2026-5024 D-Link DIR-513 formSetEmail stack-based overflow
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...
CVE-2026-5021
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...