CVE-2025-6099 szluyu99 gin-vue-blog PATCH Request manager.go improper authorization

A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PATCH Request Handler. The manipulation leads to improper...

PT-2025-25551 · D Link · D-Link Dir-632

Name of the Vulnerable Software and Affected Versions: D-Link DIR-632 version FW103B08 Description: A critical issue has been found in the function get pure content of the component HTTP POST Request Handler. The manipulation of the argument Content-Length leads to a stack-based buffer overflow...

PT-2025-25509 · Unknown · Szluyu99 Gin-Vue-Blog

Name of the Vulnerable Software and Affected Versions: szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410 Description: A critical vulnerability was found in the PATCH Request Handler component of szluyu99 gin-vue-blog, affecting unknown code in the file...

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2025-5909

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch th...

CVE-2025-5908

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be...

📄 WordPress HyperComments 1.2.2 Privilege Escalation

The HyperComments plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the hcrequesthandler function in all versions up to, and including, 1.2.2. This makes it possible for unauthenticated attackers to...

CVE-2025-5901

A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and classified as critical. This vulnerability affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument File leads to buffer overflow. The attack can...

CVE-2025-5969

A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN00425fd8 of the file /biurlgrou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched...

CVE-2025-5847

A vulnerability has been found in Tenda AC9 15.03.02.13 and classified as critical. Affected by this vulnerability is the function formSetSafeWanWebMan of the file /goform/SetRemoteWebCfg of the component HTTP POST Request Handler. The manipulation of the argument remoteIp leads to stack-based...

CVE-2025-5912

A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function dofile of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2025-5911

A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched...

CVE-2025-5911

A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched...

CVE-2025-5909

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch th...

CVE-2025-5907 TOTOLINK EX1200T HTTP POST Request formFilter buffer overflow

A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The...

CVE-2025-5904

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. Affected by this vulnerability is the function setWiFiMeshName of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument devicename leads to buffer overflow. Th...

CVE-2025-5905

CVE-2025-5905 affects TOTOLINK T10 v4.1.8cu.5207. The vulnerability is in the POST Request Handler, specifically the function setWiFiRepeaterCfg in the file /cgi-bin/cstecgi.cgi where manipulation of the Password parameter leads to a buffer overflow. The issue can be exploited remotely and the ex...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates in the file /boafrm/formReflashClientTbl in the HTTP POST Request Handler component, which can be exploited by an attacker to execute...

PT-2025-25624 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability was found in the HTTP POST Request Handler of TOTOLINK X15. The issue affects unknown code of the file /boafrm/formTmultiAP. The manipulation of the submit-url...

PT-2025-24683 · Octoprint · Octoprint

Name of the Vulnerable Software and Affected Versions: OctoPrint versions up to and including 1.11.1 Description: The issue allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint, making the web server component become unresponsive. This can be...