WordPress Skyward theme <= 1.10 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Skyward versions = 1.10...

CVE-2026-9297

A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated remotely. The...

Edimax BR-6428nS 命令注入漏洞

The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. Version 1.10 of the Edimax BR-6428nS contains a command injection vulnerability. This vulnerability stems from improper handling of the parameter “repeaterSSID” in the formWlbasic function within the POST request processing...

Edimax BR-6428nS 命令注入漏洞

The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. Version 1.10 of the Edimax BR-6428nS has a command injection vulnerability. This vulnerability stems from improper handling of multiple parameters in the system function of the goform/formWlanM file during POST request...

CVE-2026-42367

A privilege escalation vulnerability exists in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to credentials leak. An attacker can visit a webpage to trigger this vulnerability...

EUVD-2026-26855

An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability...

GeoVision LPC2011和GeoVision LPC2211 安全漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring control devices produced by the Chinese company GeoVision. Version 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain security vulnerabilities. These vulnerabilities stem from predictable session cookies within the Web...

PT-2026-36734

Multiple reflected cross-site scripting xss vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerabili...

GeoVision LPC2011和GeoVision LPC2211 操作系统命令注入漏洞

Both GeoVision LPC2011 and GeoVision LPC2211 are network monitoring and control devices produced by the Chinese company GeoVision. Versions 1.10 of GeoVision LPC2011 and GeoVision LPC2211 contain a vulnerability related to operating system command injection. This vulnerability stems from the OS...

CVE-2018-25287 Drive Power Manager 1.10 Denial of Service via Name Field

Drive Power Manager 1.10 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Name field. Attackers can paste a 6000-byte payload into the Name field and click Register to trigger a denial of service condition...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/formSetRoute, specifically the parameter curTime, which may lead to a...

PT-2026-31872

Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A security issue has been identified in D-Link DIR-513 version 1.10. The formSetPassword function within the POST Request Handler component, located in the file /goform/formSetPassword, is susceptible to...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from the D-Link company. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/formAdvanceSetup, which may lead to a buffer overflow...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter curTime in the file/goform/formSetPassword, which may lead to a buffer overflow...

EUVD-2026-15868

Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...

CVE-2026-32512

Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...

CVE-2026-4555

A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated remotely. The...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “curTime” in the file/goform/formEasySetTimezone, which may lead to a stack buffer...

D-Link DIR-513 操作系统命令注入漏洞

The D-Link DIR-513 is a wireless router product from the D-Link company. The D-Link DIR-513 1.10 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect handling of parameters in the file/goform/formSysCmd, specifically the sysCmd...

D-Link DIR-513 安全漏洞

The D-Link DIR-513 is a wireless router product from D-Link Corporation. Version 1.10 of the D-Link DIR-513 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters in the file/goform/formEasySetupWizard3, specifically the parameter “wanconnected”. This...