CVE-2026-22790

EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...

CVE-2026-22790 EVerest's unchecked SLAC payload length causes stack overflow in HomeplugMessage::setup_payload

EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...

CVE-2026-22790 EVerest's unchecked SLAC payload length causes stack overflow in HomeplugMessage::setup_payload

EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...

EUVD-2026-16197

EVerest is an EV charging software stack. Prior to version 2026.02.0, HomeplugMessage::setuppayload trusts len after an assert; in release builds the check is removed, so oversized SLAC payloads are memcpy'd into a 1497-byte stack buffer, corrupting the stack and enabling remote code execution fr...

EUVD-2018-3563

Malware in sbrugna...

SITEMAKIN SLAC SQL Injection Vulnerability

SITEMAKIN SLAC Site Login and Access Control is a website login and access control software. A SQL injection vulnerability exists in the 'myitemsearch' parameter of the users.php file in SITEMAKIN SLAC version 1.0. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

Sql injection

An issue was discovered in SITEMAKIN SLAC Site Login and Access Control v1.0. The parameter "myitemsearch" in users.php is exploitable using SQL injection...

CVE-2018-11535

An issue was discovered in SITEMAKIN SLAC Site Login and Access Control v1.0. The parameter "myitemsearch" in users.php is exploitable using SQL injection...

CVE-2018-11535

An issue was discovered in SITEMAKIN SLAC Site Login and Access Control v1.0. The parameter "myitemsearch" in users.php is exploitable using SQL injection...

CVE-2018-11535

CVE-2018-11535 – SITEMAKIN SLAC v1.0 SQL Injection in the parameter my_item_search of users.php (SITEMAKIN SLAC) is documented with a SQL injection vulnerability. Connected CNVD-2018-10676 confirms a remote attacker can exploit this to execute arbitrary SQL commands in the backend. The vulnerabil...

Sitemakin SLAC 1.0 - my_item_search SQL Injection Vulnerability

CVE-2018-11535 Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection Vendor Homepage: https://sitemakin.com/login-script-demo Exploit Author: Divya Jain Version: v1.0 CVE: CVE-2018-11535 Category: Webapps Severity: High Tested on: KaLi LinuXx64 Proof of Concept:...

Sitemakin SLAC 1.0 - my_item_search SQL Injection

Sitemakin SLAC 1.0 - myitemsearch SQL Injection Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection Date: 29-05-2018 Vendor Homepage: https://sitemakin.com/login-script-demo Exploit Author: Divya Jain Version: v1.0 CVE: CVE-2018-11535 Category: Webapps Severity: High Tested on: KaLi...

Sitemakin SLAC 1.0 - 'my_item_search' SQL Injection

Exploit Title: SLAC v1.0: Blind SQL Injection / XPath Injection Date: 29-05-2018 Vendor Homepage: https://sitemakin.com/login-script-demo Exploit Author: Divya Jain Version: v1.0 CVE: CVE-2018-11535 Category: Webapps Severity: High Tested on: KaLi LinuXx64 Proof of Concept:...