PT-2025-24383 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 multi Description: A critical vulnerability was found in the Tenda AC15 router, specifically affecting the formSetPPTPUserList function of the /goform/setPptpUserList file in the HTTP POST Request Handler...

PT-2025-24603 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T versions 4.1.2cu.5232 B20210713 and earlier Description: A critical issue was found in the HTTP POST Request Handler component, affecting an unknown function of the file /boafrm/formReflashClientTbl. The manipulation leads to...

PT-2025-24313 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /boafrm/formWsc. The manipulation of the submit-url argument leads to a buffer overflow. Th...

CVE-2025-5672

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

CVE-2025-5671

A vulnerability, which was classified as critical, was found in TOTOLINK N302R Plus up to 3.4.0-B20201028. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument servicetype leads to buffer overflow. It is possib...

PT-2025-24061 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical issue affects some unknown functionality of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation of the submit-url argument leads to buffer...

PT-2025-24051 · Totolink · Totolink X15

Name of the Vulnerable Software and Affected Versions: TOTOLINK X15 version 1.0.0-B20230714.1105 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of TOTOLINK X15, affecting the file /boafrm/formWlanRedirect. The manipulation of the redirect-url...

PT-2025-23946 · Totolink · Totolink N302R Plus

Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical vulnerability was found in the HTTP POST Request Handler component of TOTOLINK N302R Plus. The issue affects an unknown function of the file /boafrm/formPortFw. The...

PT-2025-23947 · Totolink · Totolink N302R Plus

Name of the Vulnerable Software and Affected Versions: TOTOLINK N302R Plus versions up to 3.4.0-B20201028 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically in the unknown functionality of the file /boafrm/formFilter. The manipulation of the url...

CVE-2025-5408

A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410240222 and classified as critical. Affected by this issue is the function syslogin of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The...

CVE-2025-0339

A vulnerability classified as problematic has been found in code-projects Online Bike Rental 1.0. Affected is an unknown function of the file /vehical-details.php of the component HTTP GET Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotel...

CVE-2024-9277

A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...

CVE-2024-0300

A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the argument webimg lead...

CVE-2024-2482

A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /checkavailability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword lea...

CVE-2024-1196

A vulnerability classified as problematic was found in SourceCodester Testimonial Page Manager 1.0. This vulnerability affects unknown code of the file add-testimonial.php of the component HTTP POST Request Handler. The manipulation of the argument name/description/testimony leads to cross site...

CVE-2024-1021

A vulnerability, which was classified as critical, has been found in Rebuild up to 3.5.5. Affected by this issue is the function readRawText of the component HTTP Request Handler. The manipulation of the argument url leads to server-side request forgery. The attack may be launched remotely. The...

CVE-2024-0412

A vulnerability was found in DeShang DSShop up to 3.1.0. It has been declared as problematic. This vulnerability affects unknown code of the file public/install.php of the component HTTP GET Request Handler. The manipulation leads to improper access controls. The attack can be initiated remotely...

CVE-2024-0357

A vulnerability was found in coderd-repos Eva 1.0.0 and classified as critical. Affected by this issue is some unknown functionality of the file /system/traceLog/page of the component HTTP POST Request Handler. The manipulation of the argument property leads to sql injection. The exploit has been...

CVE-2024-0483

A vulnerability classified as critical was found in Taokeyun up to 1.0.5. This vulnerability affects the function index of the file application/index/controller/app/Task.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. The attack can be...

CVE-2024-0528

A vulnerability, which was classified as critical, was found in CXBSoft Post-Office 1.0. Affected is an unknown function of the file /admin/pages/updatego.php of the component HTTP POST Request Handler. The manipulation of the argument version leads to sql injection. The exploit has been disclose...