CVE-2026-9346 Edimax EW-7438RPn webs formWirelessTbl buffer overflow

A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument submit-url can lead to buffer overflow. The attack may be performed from remote. The exploit has bee...

CVE-2026-2993 AI Chatbot & Workflow Automation by AIWU <= 1.4.17 - Unauthenticated SQL Injection in getListForTbl()

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query in the getListForTbl function. This makes...

Linux Distros Unpatched Vulnerability : CVE-2026-43441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6ini...

SUSE SLES15 : Recommended update for initial livepatch (SUSE-SU-2026:1643-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1643-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...

EUVD-2026-18814

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

CVE-2026-5476

A vulnerability was identified in NASA cFS up to 7.0.0 on 32-bit. Affected is the function CFETBLValidateCodecLoadSize of the file cfe/modules/tbl/fsw/src/cfetblpassthrucodec.c. The manipulation leads to integer overflow. The complexity of an attack is rather high. The exploitability is told to b...

CVE-2020-37004

Ultimate Project Manager CRM PRO 2.0.5 contains a blind SQL injection vulnerability that allows attackers to extract usernames and password hashes from the tblusers database table. Attackers can exploit the /frontend/getarticlesuggestion/ endpoint by crafting malicious search parameters to...

CVE-2023-53800

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988724)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988724 advisory. In the Linux kernel, the following vulnerability has been resolved: ubi: ubicreatevolume: Fix use-after-free when volume creation failed There is an use-after-free...

TOTOLINK EX1200T 安全漏洞

The TOTOLINK EX1200T is a wireless router from TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK EX1200T version 4.1.2cu.5232B20210713. The vulnerability arises due to improper handling of the submit-url parameter of file /boafrm/formWirelessTbl in the HTTP POST request handling...

TOTOLINK X15 安全漏洞

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the parameter submit-url in the file /boafrm/formWirelessTbl that fails to correctly validate the length and size of the input dat...

CVE-2024-7220

A vulnerability was found in SourceCodester/Campcodes School Log Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/printbarcode.php. The manipulation of the argument tbl results in sql injection. It is possible to launch the attack remotely. The exploi...

SourceCodester School Log Management System SQL注入漏洞

SourceCodester School Log Management System is a SourceCodester open source school log management system. A SQL injection vulnerability exists in SourceCodester School Log Management System version 1.0, which originates from the tbl function on the /admin/printbarcode.php page that contains a SQL...

PT-2024-38180

Name of the Vulnerable Software and Affected Versions: SourceCodester School Log Management System version 1.0 Description: A critical issue was found in the SourceCodester School Log Management System, affecting an unknown functionality of the file /admin/print barcode.php. The manipulation of t...

TOTOLINK X2000R Buffer Error Vulnerability

The TOTOLINK X2000R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web version, which stems from a buffer overflow issue in the formWirelessTbl method...

SUSE CVE-2013-1937

Multiple cross-site scripting XSS vulnerabilities in tblgisvisualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the 1 visualizationSettingswidth or 2 visualizationSettingsheight parameter. NOTE: a third party reports that this ...

phpMyAdmin < 3.3.10.1 / 3.4.1 Multiple Vulnerabilities (PMASA-2011-03 - PMASA-2011-04

The remote host contains a version of phpMyAdmin - 3.3.x less than 3.3.10.1 or 3.4.x less than 3.4.1 - that is affected by multiple vulnerabilities: - The scripts 'tbllinks.php' and 'tbl-tracking' fail to filter input to the 'table' and 'db' parameters. An attacker may be able to exploit this iss...

DEBIAN-CVE-2008-5621

Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tblstructure.php with a modified table parameter. NOTE: other unspecified pages are also...

DynamicData&#40;dms&#41;Document&amp;Article Script /dm_browse.asp.asp sql injection

DynamicDatadmsDocument&Article Script /dmbrowse.asp.asp sql injection Credit : CodeXpLoder'tq mail : codexploderathotmaildotcom site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam all members thx 3APA3A spec.note : "Live The Life" 1- example.com/patch/dmbrowse.asp?pid=sql methot 1-...

SYSTON&#221;Cfr/portal/ actualites.asp sql injection

SYSTONЭCfr/portal/ actualites.asp sql injection Credit : CodeXpLoder'tq mail : codexploderathotmaildotcom site : Biyosecurity.net,expw0rm.com thx : BiyoSecurityTeam spec.note : "Live The Life" ///////////////////////////////////////////////////////////////// 1-...