Lucene search
K

41208 matches found

CVE
CVE
added 2026/03/29 9:45 a.m.13 views

CVE-2026-5041

CVE-2026-5041 affects code-projects Chamber of Commerce Membership Management System 1.0. The vulnerability is in the fwrite usage of admin/pageMail.php, where manipulating the arguments mailSubject/mailMessage enables command injection. The attack could be remote and publicly available exploit c...

5.8CVSS5.8AI score0.01894EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/29 9:30 a.m.3 views

EUVD-2026-16981

A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.8AI score0.0056EPSS
Exploits1References6
CVE
CVE
added 2026/03/29 7:45 a.m.12 views

CVE-2026-5036

CVE-2026-5036 affects Tenda 4G06 04.06.01.29. The vulnerability is in the fromDhcpListClient function in /goform/DhcpListClient (Endpoint component) where manipulating the page argument causes a stack-based buffer overflow. It can be exploited remotely, and public exploitation exists. Affected so...

9CVSS7.8AI score0.0056EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/29 7:45 a.m.1 views

CVE-2026-5036 Tenda 4G06 Endpoint DhcpListClient fromDhcpListClient stack-based overflow

A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.8AI score0.0056EPSS
Exploits1References5
CVE
CVE
added 2026/03/29 7:0 a.m.10 views

CVE-2026-5035

CVE-2026-5035 affects code-projects Accounting System 1.0, specifically the Parameter Handler’s file /view_work.php. The vulnerability arises from manipulation of the en_id argument, leading to a SQL injection. It is remotely exploitable and an exploit has been disclosed publicly. Multiple connec...

9.8CVSS6.8AI score0.00389EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/29 6:31 a.m.2 views

EUVD-2026-16973

A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control of resource identifiers. The attack can be launched remotely...

5.3CVSS5.5AI score0.00226EPSS
Exploits0References5
NVD
NVD
added 2026/03/29 6:16 a.m.4 views

CVE-2026-5033

A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewcostumer.php of the component Parameter Handler. The manipulation of the argument cosid results in sql injection. The attack may be performed from remot...

9.8CVSS0.00342EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/29 6:0 a.m.4 views

CVE-2026-5034

A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /editcostumer.php of the component Parameter Handler. This manipulation of the argument cosid causes sql injection. It is possible to initiate the attack remotely. The...

7.5CVSS6.8AI score0.00329EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/29 6:0 a.m.14 views

CVE-2026-5034

The CVE-2026-5034 issue affects code-projects Accounting System 1.0, specifically the Parameter Handler’s /edit_costumer.php. The cos_id argument manipulation enables SQL injection, with remote exploitation possible and an exploit published. Multiple feeds (NVD, Red Hat, ENISA EUVD, CIRCL, CVE li...

9.8CVSS5.8AI score0.00329EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/29 5:15 a.m.1 views

CVE-2026-5033 code-projects Accounting System Parameter view_costumer.php sql injection

A vulnerability was detected in code-projects Accounting System 1.0. Affected by this vulnerability is an unknown functionality of the file /viewcostumer.php of the component Parameter Handler. The manipulation of the argument cosid results in sql injection. The attack may be performed from remot...

7.5CVSS5.8AI score0.00342EPSS
Exploits1References5
CVE
CVE
added 2026/03/29 5:15 a.m.14 views

CVE-2026-5033

CVE-2026-5033 affects code-projects Accounting System 1.0, specifically the /view_costumer.php component under Parameter Handler. It allows manipulation of the cos_id argument to trigger SQL injection, with remote access and public exploits reported. Multiple sources (NVD, Red Hat, CIRCL, CVE lis...

9.8CVSS5.8AI score0.00342EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/29 4:30 a.m.1 views

CVE-2026-5031

A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control of resource identifiers. The attack can be launched remotely...

5.3CVSS5.5AI score0.00226EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/29 4:30 a.m.35 views

CVE-2026-5031 BichitroGan ISP Billing Software Endpoint users-view resource injection

A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?route=settings/users-view/ of the component Endpoint. The manipulation of the argument ID results in improper control of resource identifiers. The attack can be launched remotely...

5.3CVSS0.00226EPSS
Exploits0References4
CVE
CVE
added 2026/03/29 4:30 a.m.7 views

CVE-2026-5031

CVE-2026-5031 affects BichitroGan ISP Billing Software 2025.3.20. The vulnerability is in the Endpoint component, specifically the unknown function at the file path /?_route=settings/users-view/. The issue arises from manipulation of the argument ID , causing improper control of resource identifi...

5.3CVSS5.5AI score0.00226EPSS
Exploits0References4
NVD
NVD
added 2026/03/29 4:16 a.m.3 views

CVE-2026-5024

A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...

9CVSS0.00764EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/29 3:30 a.m.3 views

CVE-2026-5030 Totolink NR1800X Telnet Service cstecgi.cgi NTPSyncWithHost command injection

A vulnerability has been found in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument hosttime leads to command injection. The attack can be initiated remotely. Th...

6.5CVSS5.6AI score0.02281EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/29 2:45 a.m.1 views

CVE-2026-5024 D-Link DIR-513 formSetEmail stack-based overflow

A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...

9CVSS6.4AI score0.00764EPSS
Exploits1References5
CVE
CVE
added 2026/03/29 2:45 a.m.12 views

CVE-2026-5024

The report concerns D-Link DIR-513 (1.10). A vulnerability in the formSetEmail function (/goform/formSetEmail) arises from manipulating the curTime argument, causing a stack-based buffer overflow. The flaw is remotely exploitable and an exploit has been published. The affected product is no longe...

9CVSS7.7AI score0.00764EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/29 2:45 a.m.28 views

CVE-2026-5024 D-Link DIR-513 formSetEmail stack-based overflow

A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made...

9CVSS0.00764EPSS
Exploits1References5
NVD
NVD
added 2026/03/29 2:16 a.m.13 views

CVE-2026-5021

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...

9CVSS0.00632EPSS
Exploits1References5
Rows per page
Query Builder