CVE-2026-48157

Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses HttpException::setTitle and/or setDescription to include untrusted/request-derived data in the error title or description e.g. "No products found...

EUVD-2026-25788

A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been...

CVE-2026-6631

A vulnerability was determined in Tenda F451 1.0.0.7cnsvn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The...

CVE-2026-3726

CVE-2026-3726 affects Tenda F453 1.0.0.3. A stack-based buffer overflow exists in the fromwebExcptypemanFilter function located in /goform/webExcptypemanFilter, triggered by manipulating the page argument. The issue can be exploited remotely and the exploit has been publicly disclosed. There is n...

CVE-2023-6211

If an attacker needed a user to load an insecure http: page and knew that user had enabled HTTPS-only mode, the attacker could have tricked the user into clicking to grant an HTTPS-only exception if they could get the user to participate in a clicking game. This vulnerability affects Firefox 120...

CVE-2016-7571

Cross-site scripting XSS vulnerability in Drupal 8.x before 8.1.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an HTTP exception...