145 matches found
CVE-2024-0930
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49multiTDE01. This affects the function fromSetWirelessRepeat. The manipulation of the argument wpapskcrypto leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...
CVE-2023-32267
A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited...
CVE-2023-2391
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3 and classified as problematic. This issue affects some unknown processing of the file scgi-bin/platform.cgi?page=timezone.htm of the component Web Management Interface. The manipulation of the argument ntp.server2 leads to cross site...
CVE-2023-2393
A vulnerability was found in Netgear SRX5308 up to 4.3.5-3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file scgi-bin/platform.cgi?page=dmzsetup.htm of the component Web Management Interface. The manipulation of the argument...
CVE-2018-25038
A vulnerability was found in Thomson TCW710 ST5D.10.05. It has been classified as problematic. This affects an unknown part of the file /goform/RgDhcp. The manipulation of the argument PppUserName with the input as part of POST Request leads to cross site scripting Persistent. It is possible to...
PT-2025-22944 · D Link · D-Link Dcs-5020L
Name of the Vulnerable Software and Affected Versions: D-Link DCS-5020L version 1.01 B2 Description: A critical vulnerability has been found in the function websReadEvent of the file /rame/ptdc.cgi. The manipulation of the Authorization argument leads to a stack-based buffer overflow. It is...
CVE-2025-5011 moonlightL hexo-boot Dynamic List Page index.html cross site scripting
A vulnerability classified as problematic was found in moonlightL hexo-boot 4.3.0. This vulnerability affects unknown code of the file /admin/home/index.html of the component Dynamic List Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has...
CVE-2025-4858
A vulnerability was found in D-Link DAP-2695 120b36r137ALLen20210528. It has been declared as problematic. This vulnerability affects unknown code of the file /advarpspoofing.php of the component ARP Spoofing Prevention Page. The manipulation of the argument harpmac leads to cross site scripting...
CVE-2025-4745
CVE-2025-4745 affects the code-projects Employee Record System 1.0 , specifically the file current_employees.php . The vulnerability arises from improper handling of the arguments employeed_id , first_name , middle_name , and last_name , leading to a cross-site scripting (XSS) condition. Exploita...
PT-2025-21594 · Unknown · Campcodes Sales/Inventory System
Name of the Vulnerable Software and Affected Versions: Campcodes Sales and Inventory System version 1.0 Description: A critical vulnerability has been found in the Campcodes Sales and Inventory System, affecting an unknown functionality of the file /pages/product.php. The manipulation of the...
CVE-2025-4551
A vulnerability, which was classified as problematic, was found in ContiNew Admin up to 3.6.0. Affected is an unknown function of the file /dev-api/common/file. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-4491
A vulnerability classified as critical was found in Campcodes Online Food Ordering System 1.0. This vulnerability affects unknown code of the file /routers/ticket-status.php. The manipulation of the argument ticketid leads to sql injection. The attack can be initiated remotely. The exploit has be...
CVE-2025-4510
A vulnerability was found in Changjietong UFIDA CRM 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /optnty/optntyday.php. The manipulation of the argument gblOrgID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-4494 JAdmin-JAVA JAdmin Admin Backend NoNeedLoginController.java toLogin improper authentication
A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected is the function toLogin of the file NoNeedLoginController.java of the component Admin Backend. The manipulation leads to improper authentication. It is possible to launch the attack remotely. The...
CVE-2025-4151 PHPGurukul Curfew e-Pass Management System pass-bwdates-reports-details.php sql injection
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/pass-bwdates-reports-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be initiated...
CVE-2025-4113 PHPGurukul Curfew e-Pass Management System edit-pass-detail.php sql injection
A vulnerability was found in PHPGurukul Curfew e-Pass Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/edit-pass-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be initiated remotely. The...
CVE-2025-4071 PHPGurukul COVID19 Testing Management System test-details.php sql injection
A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /test-details.php. The manipulation of the argument Status leads to sql injection. The attack can be initiated remotely. The exploit h...
CVE-2025-4014 PHPGurukul Art Gallery Management System manage-art-medium.php sql injection
A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/manage-art-medium.php. The manipulation of the argument artmed leads to sql injection. The attack can be...
CVE-2025-4000
A vulnerability, which was classified as problematic, was found in Seeyon Zhiyuan OA Web Application System 8.1 SP2. Affected is an unknown function of the file seeyon\opt\Seeyon\A8\ApacheJetspeed\webapps\seeyon\ssoproxy\jsp\ssoproxy.jsp. The manipulation of the argument Name leads to cross site...
CVE-2025-3562 Yonyou YonBIP userfile FileInputStream path traversal
A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected by this vulnerability is the function FileInputStream of the file /mobsm/common/userfile. The manipulation of the argument path leads to path traversal. The attack can be launched remotely. The exploit...