Lucene search
K

2388 matches found

Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.15 views

PT-2026-42804

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS6.1AI score0.00866EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.8 views

CVE-2026-36227

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

6.5CVSS6.1AI score0.00866EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.10 views

Easy Chat Server 安全漏洞

Easy Chat Server is a LAN chat server software developed by Easy Chat Server Inc. Version 3.1 of Easy Chat Server contains a security vulnerability. This vulnerability stems from the UserName parameter, which allows for directory traversal. As a result, remote attackers may gain access to sensiti...

6.5CVSS6AI score0.00866EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/05/18 12:30 a.m.7 views

CVE-2026-8775

A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has...

9CVSS6.1AI score0.00573EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/18 12:30 a.m.47 views

CVE-2026-8775 Edimax BR-6428NS POST Request formL2TPSetup buffer overflow

A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has...

9CVSS0.00573EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/18 12:0 a.m.11 views

Edimax BR-6428nS 缓冲区错误漏洞

The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. The Edimax BR-6428NS v41.10 version has a buffer overflow vulnerability. This vulnerability stems from the function formL2TPSetup in the POST Request Handler component, which handles the parameter L2TPUserName and leads to ...

9CVSS7.6AI score0.00573EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 1:16 p.m.13 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS0.01633EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:1 p.m.10 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS7.4AI score0.01633EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/13 12:1 p.m.5 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS7.4AI score0.01633EPSS
Exploits0References3Affected Software4
CVE
CVE
added 2026/05/13 12:1 p.m.19 views

CVE-2026-42062

ELECOM wireless LAN access point devices are affected by an OS command injection in the processing of the username parameter. A crafted request can execute arbitrary OS commands with no authentication required. Affected versions are not explicitly listed in the provided documents; CVSS metrics in...

9.8CVSS7.4AI score0.01633EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 12:1 p.m.59 views

CVE-2026-42062

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...

9.8CVSS0.01633EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.9 views

PT-2026-40598

Name of the Vulnerable Software and Affected Versions ELECOM wireless LAN access point devices affected versions not specified Description An OS command injection exists in the processing of the username parameter. This allows an unauthenticated attacker to execute arbitrary OS commands by sendin...

9.8CVSS7.5AI score0.01633EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/08 6:32 a.m.12 views

EUVD-2026-28521

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS6.9AI score0.00254EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/08 3:15 a.m.32 views

CVE-2026-8132 CodeAstro Leave Management System login.php sql injection

A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txtusername causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be...

7.5CVSS0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.11 views

PT-2026-38668

Name of the Vulnerable Software and Affected Versions Prison Management System Using PHP version 1.0 Description An issue exists on the Admin login page where the username parameter is susceptible to SQL injection, a technique that allows an attacker to interfere with the queries that an...

7.3CVSS5.9AI score0.0081EPSS
Exploits3References7
GithubExploit
GithubExploit
added 2026/05/07 10:1 a.m.43 views

Online-Hospital-Management-System-has-SQL-Injection

Online Hospital Management System has SQL Injection vulnerabil...

6.2AI score
Exploits0
NVD
NVD
added 2026/05/03 10:16 a.m.24 views

CVE-2026-7690

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

9.8CVSS0.04971EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/03 9:45 a.m.5 views

CVE-2026-7690

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

6.5CVSS6.4AI score0.04971EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.11 views

Edimax BR-6208AC 注入漏洞

The Edimax BR-6208AC is a wireless router produced by Edimax of Taiwan, China. Version 1.02 of the Edimax BR-6208AC has a vulnerability related to injection attacks. This vulnerability stems from the setWAN function in the L2TP Mode component, which processes the L2TPUserName parameter. This coul...

6.5CVSS6.6AI score0.01158EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/03 12:0 a.m.10 views

Wavlink WL-WN570HA1 注入漏洞

The Wavlink WL-WN570HA1 is a wireless network expansion device produced by the Chinese company Wavlink. The Wavlink WL-WN570HA1 R70HA1 V1410221110 version has a vulnerability related to command injection. This vulnerability stems from the operation of the parameter “Username” in the function...

9.8CVSS6.6AI score0.04971EPSS
Exploits1References2
Rows per page
Query Builder