2388 matches found
PT-2026-42804
Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...
CVE-2026-36227
Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...
Easy Chat Server 安全漏洞
Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server contains a security vulnerability. This vulnerability stems from the UserName parameter, which allows for directory traversal. As a result, remote attackers may gain access to sensiti...
CVE-2026-8775
A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has...
CVE-2026-8775 Edimax BR-6428NS POST Request formL2TPSetup buffer overflow
A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has...
Edimax BR-6428nS 缓冲区错误漏洞
The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. The Edimax BR-6428NS v41.10 version has a buffer overflow vulnerability. This vulnerability stems from the function formL2TPSetup in the POST Request Handler component, which handles the parameter L2TPUserName and leads to ...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-42062
ELECOM wireless LAN access point devices are affected by an OS command injection in the processing of the username parameter. A crafted request can execute arbitrary OS commands with no authentication required. Affected versions are not explicitly listed in the provided documents; CVSS metrics in...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
PT-2026-40598
Name of the Vulnerable Software and Affected Versions ELECOM wireless LAN access point devices affected versions not specified Description An OS command injection exists in the processing of the username parameter. This allows an unauthenticated attacker to execute arbitrary OS commands by sendin...
EUVD-2026-28521
A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...
CVE-2026-8132 CodeAstro Leave Management System login.php sql injection
A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...
PT-2026-38668
Name of the Vulnerable Software and Affected Versions Prison Management System Using PHP version 1.0 Description An issue exists on the Admin login page where the username parameter is susceptible to SQL injection, a technique that allows an attacker to interfere with the queries that an...
Online-Hospital-Management-System-has-SQL-Injection
Online Hospital Management System has SQL Injection vulnerabil...
CVE-2026-7690
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...
CVE-2026-7690
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...
Edimax BR-6208AC 注入漏洞
The Edimax BR-6208AC is a wireless router produced by Edimax of Taiwan, China. Version 1.02 of the Edimax BR-6208AC has a vulnerability related to injection attacks. This vulnerability stems from the setWAN function in the L2TP Mode component, which processes the L2TPUserName parameter. This coul...
Wavlink WL-WN570HA1 注入漏洞
The Wavlink WL-WN570HA1 is a wireless network expansion device produced by the Chinese company Wavlink. The Wavlink WL-WN570HA1 R70HA1 V1410221110 version has a vulnerability related to command injection. This vulnerability stems from the operation of the parameter “Username” in the function...