41208 matches found
CVE-2026-5021
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-5021
CVE-2026-5021 affects Tenda F453 1.0.0.3. The vulnerability is a stack-based overflow in httpd’s fromPPTPUserSetting (/goform/PPTPUserSetting) caused by manipulating the delno argument. Remote exploitation is possible and exploits have been published. Remediation in documents: update to a newer v...
CVE-2026-5021 Tenda F453 httpd PPTPUserSetting fromPPTPUserSetting stack-based overflow
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...
EUVD-2026-16953
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
EUVD-2026-16951
A vulnerability was identified in elecV2 elecV2P up to 3.8.3. This affects the function eAxios of the file /mock of the component URL Handler. Such manipulation of the argument req leads to server-side request forgery. It is possible to launch the attack remotely. The exploit is publicly availabl...
CVE-2026-5020 Totolink A3600R Parameter cstecgi.cgi setNoticeCfg command injection
A vulnerability was detected in Totolink A3600R 4.1.2cu.5182B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. The attack may be launched...
CVE-2026-5020
Summary: CVE-2026-5020 affects Totolink A3600R (v4.1.2cu.5182_B20201102). The vulnerability is in the Parameter Handler’s setNoticeCfg function (file /cgi-bin/cstecgi.cgi). Manipulating the NoticeUrl argument allows arbitrary command execution via a remote attacker, with exploit publicly availabl...
CVE-2026-5019
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
PT-2026-28751
Name of the Vulnerable Software and Affected Versions Belkin F9K1122 version 1.00.33 Description A weakness exists in Belkin F9K1122. The issue involves the formSetPassword function within the Parameter Handler component, specifically in the file /goform/formSetPassword. Manipulation of the webpa...
PT-2026-28742
Name of the Vulnerable Software and Affected Versions Totolink NR1800X version 9.1.0u.6279 B20210910 Description A command injection issue exists in the Telnet Service component of Totolink NR1800X. The issue is located in the NTPSyncWithHost function within the /cgi-bin/cstecgi.cgi file...
PT-2026-30701
Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A security flaw exists in the CsteSystem function of the /cgi-bin/cstecgi.cgi file in Totolink A7100RU version 7.4cu.2313 b20191024. Manipulation of the resetFlags argument can lead to...
PT-2026-28744
Name of the Vulnerable Software and Affected Versions code-projects Accounting System version 1.0 Description A SQL injection issue exists in code-projects Accounting System version 1.0. The issue is located in an unknown functionality within the /view costumer.php file, specifically affecting th...
PT-2026-28749
Name of the Vulnerable Software and Affected Versions code-projects Chamber of Commerce Membership Management System version 1.0 Description A flaw exists in the Chamber of Commerce Membership Management System that allows for command injection. This issue is located in the fwrite function within...
CVE-2026-5019
The CVE-2026-5019 issue affects code-projects’ Simple Food Order System 1.0, specifically the all-orders.php in the Parameter Handler. The vulnerability arises from manipulating the Status parameter, enabling a SQL injection. A remote attack is possible, and public exploit details have been discl...
CVE-2026-5019
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
CVE-2026-5019 code-projects Simple Food Order System Parameter all-orders.php sql injection
A security vulnerability has been detected in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. The attack may be...
CVE-2026-5018
A weakness has been identified in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. The attack can be launched remotely. The explo...
CVE-2026-5017
A security flaw has been discovered in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. The attack can be initiated remotely. The...
CVE-2026-4968
A vulnerability was determined in SourceCodester Diary App 1.0. The affected element is an unknown function of the file diary.php. Executing a manipulation can lead to cross-site request forgery. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...
CVE-2026-4988
A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...