CVE-2026-5642

A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It ...

CVE-2026-2952

CVE-2026-2952 affects Vaelsys 4.1.0, specifically the HTTP POST Request Handler’s file /tree/tree_server.php. The vulnerability arises from manipulating the xajaxargs argument, enabling remote OS command injection. Exploitation can be performed remotely, and the exploit has been published. Multip...

CVE-2025-15217

A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely...

EUVD-2025-205504

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

EUVD-2025-205507

A vulnerability was identified in ZSPACE Z4Pro+ 1.0.0440024. The impacted element is the function zfilev2apiCloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. Such manipulation leads to command injection. It is possible to launch the attack remotely. The exploit...

CVE-2025-15132 ZSPACE Z4Pro+ HTTP POST Request open zfilev2_api_open command injection

A vulnerability was determined in ZSPACE Z4Pro+ 1.0.0440024. The affected element is the function zfilev2apiopen of the file /v2/file/safe/open of the component HTTP POST Request Handler. This manipulation causes command injection. It is possible to initiate the attack remotely. The exploit has...

EUVD-2025-28712

Malicious code in bioql PyPI...

CVE-2025-10803

A vulnerability has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. It is possible to launch the...

CVE-2025-7465

A vulnerability classified as critical was found in Tenda FH1201 1.2.0.14. Affected by this vulnerability is the function fromRouteStatic of the file /goform/fromRouteStatic of the component HTTP POST Request Handler. The manipulation of the argument page leads to buffer overflow. The attack can ...

CVE-2025-7460

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...

CVE-2025-5672

A vulnerability has been found in TOTOLINK N302R Plus up to 3.4.0-B20201028 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument url leads to buffer...

CVE-2024-0352

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...

CVE-2024-12183

A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.116. This affects the function RemoveXSS of the file /plus/carbuyaction.php of the component HTTP POST Request Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Th...

CVE-2024-7158

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument telnetenabled leads to command...

PT-2024-15643 · Cxbsoft · Cxbsoft Post-Office

Name of the Vulnerable Software and Affected Versions: CXBSoft Post-Office versions up to 1.0 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /apps/reg go.php. The manipulation of the username reg argument leads to sql injection. The...

PT-2024-15640 · Unknown · Cxbsoft Url-Shorting

Name of the Vulnerable Software and Affected Versions: CXBSoft Url-shorting versions up to 1.3.1 Description: A critical issue has been found in the processing of the file /admin/pages/update go.php of the component HTTP POST Request Handler. The manipulation of the version argument leads to SQL...

CVE-2023-7222

A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The atta...

PT-2023-32900 · Unknown · Code-Projects Client Details System

Name of the Vulnerable Software and Affected Versions: code-projects Client Details System version 1.0 Description: A vulnerability has been found in the code-projects Client Details System, affecting the file /admin/regester.php of the component HTTP POST Request Handler. The manipulation of the...