PT-2026-38664

Name of the Vulnerable Software and Affected Versions Totolink X5000R version 9.1.0u.6369 B20230113 Description A buffer overflow occurs in the sub 458E40 function within the '/boafrm/formDdns' file. This issue is triggered by the manipulation of the submit-url argument, allowing for remote...

CVE-2026-2855

CVE-2026-2855 affects D-Link DWR-M960 firmware version 1.01.07. The vulnerability stems from the function sub_4648F0 in the DDNS Settings Handler, specifically in the /boafrm/formDdns file. Manipulation of the submit-url argument can trigger a stack-based buffer overflow, enabling remote exploita...

CVE-2026-1970

A flaw has been found in Edimax BR-6258n up to 1.18. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup. This manipulation of the argument submit-url causes open redirect. The attack can be initiated remotely. The exploit has been published and may be used. The...

connexion-energie.com XSS vulnerability

Open Bug Bounty ID: OBB-587608 Description| Value ---|--- Affected Website:| connexion-energie.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...