Lucene search
K

41225 matches found

EUVD
EUVD
added 2026/03/27 3:31 a.m.3 views

EUVD-2026-16524

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...

9CVSS8.1AI score0.02604EPSS
Exploits1References6
EUVD
EUVD
added 2026/03/27 3:31 a.m.12 views

EUVD-2026-16525

A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted element is the function sitemap.fetch of the file /sitemap of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack is...

6.5CVSS6.1AI score0.00206EPSS
Exploits0References5
CVE
CVE
added 2026/03/27 3:1 a.m.8 views

CVE-2026-4910

CVE-2026-4910 affects Shenzhen Ruiming Technology Streamax Crocus bis 1.3.44. The vulnerability resides in an unknown function of the file /RemoteFormat.do in the Endpoint component, where manipulation of the argument State results in SQL injection. It can be triggered remotely, with exploitation...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/27 2:25 a.m.5 views

EUVD-2026-16529

A weakness has been identified in code-projects Exam Form Submission 1.0/7.php. This impacts an unknown function of the file /admin/updates7.php. This manipulation of the argument sname causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made availabl...

4.8CVSS4.3AI score0.00279EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/27 2:25 a.m.3 views

CVE-2026-4909

A weakness has been identified in code-projects Exam Form Submission 1.0. This impacts an unknown function of the file /admin/updates7.php. This manipulation of the argument sname causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made available to t...

4.8CVSS4.4AI score0.00279EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/03/27 2:16 a.m.5 views

CVE-2026-4907

A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted element is the function sitemap.fetch of the file /sitemap of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack is...

6.5CVSS0.00206EPSS
Exploits0References4
CVE
CVE
added 2026/03/27 1:33 a.m.8 views

CVE-2026-4907

CVE-2026-4907 affects Page-Replica Page Replica (Endpoint sitemap) where the function sitemap.fetch in /sitemap is vulnerable to server-side request forgery via manipulation of the url argument. This can be exploited remotely and there is reference to a publicly available exploit. The product use...

6.5CVSS6.1AI score0.00206EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/27 1:33 a.m.1 views

CVE-2026-4907 Page-Replica Page Replica Endpoint sitemap sitemap.fetch server-side request forgery

A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted element is the function sitemap.fetch of the file /sitemap of the component Endpoint. The manipulation of the argument url leads to server-side request forgery. The attack is...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References4
NVD
NVD
added 2026/03/27 1:16 a.m.3 views

CVE-2026-4906

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...

9CVSS0.02604EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/27 12:53 a.m.30 views

CVE-2026-4906 Tenda AC5 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...

9CVSS0.02604EPSS
Exploits1References5
CVE
CVE
added 2026/03/27 12:53 a.m.14 views

CVE-2026-4906

CVE-2026-4906 affects Tenda AC5 firmware 15.03.06.47. The vulnerability resides in the decodePwd function of the /goform/WizardHandle POST Request Handler. By manipulating the WANT/WANS argument, an attacker can trigger a stack-based buffer overflow, with remote execution potential. Public disclo...

9CVSS8.1AI score0.02604EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/27 12:31 a.m.3 views

EUVD-2026-16454

A vulnerability was identified in code-projects Online Food Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /dbfood/contact.php. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attack remotely. The...

5.3CVSS4.2AI score0.00343EPSS
Exploits0References6
NVD
NVD
added 2026/03/27 12:16 a.m.3 views

CVE-2026-4904

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

9CVSS0.00746EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28694

Name of the Vulnerable Software and Affected Versions code-projects Social Networking Site version 1.0 Description A cross site scripting issue exists due to the manipulation of the content argument within an unknown function of the file '/home.php' of the Alert Handler component. Remote...

5.1CVSS5.2AI score0.00191EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28682

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...

7.5CVSS5.8AI score0.00318EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28708

Name of the Vulnerable Software and Affected Versions chatwoot versions prior to 4.11.1 Description A security issue exists in chatwoot that allows for improper authorization. This occurs through manipulation of the signupEnabled argument with the input true within an unknown function of the...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28709

Name of the Vulnerable Software and Affected Versions QDOCS Smart School Management System versions up to 7.2 Description A cross site scripting issue exists in QDOCS Smart School Management System. The issue is located in the Admission Enquiry Module, specifically within the /admin/enquiry file...

5.1CVSS5.2AI score0.00189EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28680

A security vulnerability has been detected in mingSoft MCMS up to 5.5.0. Impacted is the function list of the file net/mingsoft/cms/action/web/ContentAction.java of the component Web Content List Endpoint. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28707

Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.6 Description A security flaw exists in Open5GS 2.7.6, specifically within the CCA Message Handler component and the smf gx cca cb/smf gy cca cb/smf s6b function. This manipulation can lead to a denial of service. The attac...

6.3CVSS5.6AI score0.00566EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.8 views

PT-2026-28698

Name of the Vulnerable Software and Affected Versions SourceCodester Online Quiz System version 1.0 Description A flaw exists in SourceCodester Online Quiz System that allows for cross site scripting. This issue is related to the manipulation of the quiz question argument within the...

5.1CVSS4.7AI score0.00239EPSS
Exploits0References7
Rows per page
Query Builder