CVE-2025-63361

Waveshare RS232/485 TO WIFI ETH B Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to render the Administrator password in plaintext...

EUVD-2025-200290

A vulnerability has been found in D-Link R15 AX1500 1.20.01 and below. By manipulating the model name parameter during a password change request in the web administrator page, it is possible to trigger a command injection in httpd...

STEALTHONE多款产品 操作系统命令注入漏洞

The STEALTHONE D220 is a network storage server from STEALTHONE. An operating system command injection vulnerability exists in various STEALTHONE products, which can be exploited to execute arbitrary OS commands by a user with administrative privileges who can log in to the web administration pag...

phpRedisAdmin Cross-Site Scripting Vulnerability

phpRedisAdmin is a web administration page for managing Redis for individual developers. A cross-site scripting vulnerability exists in phpRedisAdmin versions prior to 1.13.2, which stems from the login.php username parameter allowing XSS.No detailed vulnerability details are available at this ti...

MicroWorld MailScan multiple security vulnerabilities

Durectory traversal, authenticatio bypass, crossite scripting, informaiton leak via Web admin page TCP/10443...