The vulnerability of the built-in boa server (/boafrm/formParentControl) of the TOTOLINK A3002RU router’s microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formParentControl of the TOTOLINK A3002RU router’s microprogramming software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious acto...

The vulnerability of the built-in boa server (/boafrm/formWlSiteSurvey) of TOTOLINK A3002RU router microprogramming software allows a intruder to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formWlSiteSurvey of the TOTOLINK A3002RU router’s microprogramming software is related to the issue of the operation exceeding the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a...

CVE-2025-6939

A vulnerability classified as critical has been found in TOTOLINK A3002RU 3.0.0-B20230809.1615. Affected is an unknown function of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to...

TOTOLINK A3002RU 安全漏洞

TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. The TOTOLINK A3002RU version 3.0.0-B20230809.1615 suffers from a buffer overflow vulnerability, which originates from the parameter submit-url in the file /boafrm/formWlSiteSurvey failing to correctly validate t...

TOTOLINK A3002RU 安全漏洞

TOTOLINK A3002RU is a wireless router product from China's Gion Electronics TOTOLINK. The TOTOLINK A3002RU suffers from a buffer overflow vulnerability, which originates from the failure of the parameter submit-url in the file /boafrm/formParentControl to correctly validate the length and size of...

TOTOLINK A702r 安全漏洞

The TOTOLINK A702r is a router device from China's Gion Electronics TOTOLINK. The TOTOLINK A702r version 4.0.0-B20230721.1521 suffers from a buffer overflow vulnerability, which originates from the parameter submit-url in the file /boafrm/formParentControl that fails to validate the length and si...

CVE-2025-28988

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Reflected XSS.This issue affects WP Front User Submit / Front Editor: from n/a through = 4.9.3...

CVE-2025-6825

A vulnerability classified as critical was found in TOTOLINK A702R up to 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWlSiteSurvey of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

CVE-2025-6824

A vulnerability classified as critical has been found in TOTOLINK X15 up to 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible ...

TOTOLINK X15 安全漏洞

TOTOLINK X15 is a network wireless extender manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from improper handling of the submit-url parameter in the /boafrm/formParentControl file in the HTTP POST request handling...

TOTOLINK A702r 安全漏洞

The TOTOLINK A702R is a router device manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A702R suffers from a buffer overflow vulnerability that originates from improper handling of the submit-url parameter in the /boafrm/formWlSiteSurvey file in the HTTP POST request handling...

OESA-2025-1667 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at closectree, we first stop the cleaner kthread, usi...

CVE-2025-28988

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Reflected XSS.This issue affects WP Front User Submit / Front Editor: from n/a through = 4.9.3...

CVE-2025-28988

CVE-2025-28988 is a reflected Cross-Site Scripting (XSS) in the WordPress plugin WP Front User Submit / Front Editor, affecting versions up to 4.9.3. The issue stems from improper input neutralization during web page generation, enabling a reflected XSS that requires user interaction and has CVSS...

CVE-2025-28988 WordPress WP Front User Submit / Front Editor plugin <= 4.9.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Reflected XSS.This issue affects WP Front User Submit / Front Editor: from n/a through = 4.9.3...

WordPress plugin WP Front User Submit / Front Editor 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

TOTOLINK A702R Buffer Overflow Vulnerability (CNVD-2025-14524)

The TOTOLINK A702R is a router device manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A702R suffers from a buffer overflow vulnerability that stems from the improper handling of the parameter submit-url in the file /boafrm/formIpv6Setup. No detailed vulnerability details are...

TOTOLINK A702r 安全漏洞

The TOTOLINK A702R is a router device manufactured by China's Gion Electronics TOTOLINK. The TOTOLINK A702R suffers from a buffer overflow vulnerability that stems from the improper handling of the parameter submit-url in the file /boafrm/formIpv6Setup. No detailed vulnerability details are...

WordPress plugin Aiomatic - AI Content Writer, Editor, ChatBot & AI Toolkit 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a dual-band wireless signal amplifier that is primarily used to extend the coverage of an existing wireless network. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that stems from the HTTP POST request handler mishandling the parameter submit-url. No...