130931 matches found

CNVD
•added 2025/06/10 12:0 a.m.•3 views

Tenda AC15 /goform/SetLEDCf File Buffer Overflow Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. Tenda AC15 suffers from a buffer overflow vulnerability, which originates from the parameter Time in the file /goform/SetLEDCf that fails to correctly validate the length and size of the input data, which can be exploited by an...

CVSS: 9 | AI score: 8.5 | EPSS: 0.03903
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

Unspecified vulnerability in Huawei HarmonyOS (CNVD-2025-15526)

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS version 5.0.0 suffers from a security vulnerability, no details of the vulnerability are provided at this time...

CVSS: 6.2 | AI score: 7.2 | EPSS: 0.00093
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

Tenda AC9 /goform/SetRemoteWebCfg File Buffer Overflow Vulnerability

Tenda AC9 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC9 version 15.03.02.13, which originates from the parameter remoteIp in the file /goform/SetRemoteWebCfg that fails to correctly validate the length of the input data, and can be exploit...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00759
Exploits: 1 | Affected Software: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

TOTOLINK X15 /boafrm/formSaveConfig File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability, which originates from the failure of the file /boafrm/formSaveConfig parameter submit-url to correctly validate the length and size of the input data ...

CVSS: 9 | AI score: 8.6 | EPSS: 0.04216
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

Tenda AC15 /goform/SetRemoteWebCfg File Buffer Overflow Vulnerability

The Tenda AC15 is a wireless router from the Chinese company Tenda. Tenda AC15 suffers from a buffer overflow vulnerability, which originates from the parameter remoteIp in the file /goform/SetRemoteWebCfg that fails to correctly validate the length and size of the input data, which can be...

CVSS: 9 | AI score: 8.5 | EPSS: 0.00759
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

Human Metapneumovirus Testing Management System /new-user-testing.php File SQL Injection Vulnerability

Human Metapneumovirus Testing Management System is a human metapneumovirus testing management system. The Human Metapneumovirus Testing Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally entered SQL statements in the parameter state...

CVSS: 9.8 | AI score: 8.3 | EPSS: 0.00394
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

WordPress 6Storage Rentals plugin authorization issue vulnerability

WordPress 6Storage Rentals plugin is an easy to use plugin that allows tenants to book the desired storage facility on your website. WordPress 6Storage Rentals plugin suffers from an authorization issue vulnerability that stems from a lack of authorization, no details of the vulnerability are...

CVSS: 4.3 | AI score: 6.9 | EPSS: 0.00243
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

TOTOLINK X15 /boafrm/formDMZ file buffer overflow vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability, which originates from the failure of the parameter submit-url in the file /boafrm/formDMZ to correctly validate the length and size of the input data,...

CVSS: 9 | AI score: 8.5 | EPSS: 0.04066
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

Laundry System edit_type.php file cross-site scripting vulnerability

Laundry System is a laundry system. Laundry System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Type in the file /data/edittype.php, which can be exploited by an attacker to execute arbitrary...

CVSS: 5.4 | AI score: 6.2 | EPSS: 0.00239
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

Laundry System insert_type.php file cross-site scripting vulnerability

Laundry System is a laundry system. Laundry System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Type in the file /data/inserttype.php, which can be exploited by an attacker to execute arbitrar...

CVSS: 5.4 | AI score: 6.3 | EPSS: 0.00239
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

Employee Record Management System /myexp.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter emp3ctc in the file /myexp.php. An attacker can...

CVSS: 8.8 | AI score: 7.2 | EPSS: 0.00325
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

TOTOLINK X15 /boafrm/formWsc File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the parameter submit-url in file /boafrm/formWsc failing to properly validate the length and size of the input data, which can be...

CVSS: 9 | AI score: 8.5 | EPSS: 0.04066
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Laundry System edit_laundry.php file cross-site scripting vulnerability

Laundry System is a laundry system. Laundry System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Customer in the file /data/editlaundry.php, which can be exploited by an attacker to execute...

CVSS: 5.4 | AI score: 6.2 | EPSS: 0.00252
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

TOTOLINK EX1200T /boafrm/formPortFw File Buffer Overflow Vulnerability

TOTOLINK EX1200T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates from the parameter servicetype in the file /boafrm/formPortFw that fails to correctly validate the length and size of the input data...

CVSS: 9 | AI score: 8.5 | EPSS: 0.00742
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

Tenda AC5 /goform/AdvSetLanip File Buffer Overflow Vulnerability

Tenda AC5 is a wireless router from Tenda, a Chinese company. Tenda AC5 suffers from a buffer overflow vulnerability, which originates from the parameter lanMask in the file /goform/AdvSetLanip that fails to correctly validate the length and size of the input data, which can be exploited by an...

CVSS: 9 | AI score: 8.5 | EPSS: 0.00779
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Tenda AC5 /goform/setPptpUserList File Buffer Overflow Vulnerability

Tenda AC5 is a wireless router from Tenda, a Chinese company. A buffer overflow vulnerability exists in Tenda AC5 version 15.03.06.47, which originates from the parameter list in the file /goform/setPptpUserList that fails to correctly validate the length of the input data, and can be exploited b...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00779
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Tenda AC8 /goform/SetSysTimeCfg File Buffer Overflow Vulnerability

Tenda AC8 is a wireless router from Tenda, a Chinese company. The Tenda AC8 suffers from a buffer overflow vulnerability, which originates from the parameter timeType in the file /goform/SetSysTimeCfg that fails to properly validate the length of the input data, which can be exploited by an...

CVSS: 9 | AI score: 8.5 | EPSS: 0.00998
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

WordPress Accessibility Suite plugin authorization issue vulnerability

WordPress Accessibility Suite plugin is a plugin designed to enhance the accessibility of your website. WordPress Accessibility Suite plugin suffers from an authorization issue vulnerability that stems from a lack of authorization, no detailed vulnerability details are provided at this time...

CVSS: 5.4 | AI score: 7 | EPSS: 0.00273
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

WordPress Activity Plus Reloaded for BuddyPress plugin authorization issue vulnerability

WordPress Activity Plus Reloaded for BuddyPress plugin is an extension plugin that provides additional functionality to the BuddyPress community plugin. WordPress Activity Plus Reloaded for BuddyPress plugin suffers from an authorization issue vulnerability that stems from a lack of authorization...

CVSS: 5.4 | AI score: 7.1 | EPSS: 0.00273
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

Employee Record Management System /editmyexp.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter emp3workduration in the file /editmyexp.php. An...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.00293
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Patient Record Management System view_dental.ph File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter itrno in the file /viewdental.php. An attacker can...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.00314
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Employee Record Management System /resetpassword.php File SQL Injection Vulnerability

Employee Record Management System is an employee record management system. Employee Record Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter newpassword in the file /resetpassword.php. An...

CVSS: 6.5 | AI score: 7.1 | EPSS: 0.00239
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formWirelessTbl File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the parameter submit-url in the file /boafrm/formWirelessTbl that fails to correctly validate the length and size of the input dat...

CVSS: 9 | AI score: 8.5 | EPSS: 0.04066
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formReflashClientTbl File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the parameter submit-url in file /boafrm/formReflashClientTbl failing to properly validate the length and size of the input data,...

CVSS: 9 | AI score: 8.5 | EPSS: 0.04066
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

TOTOLINK X15 /boafrm/formPortFw File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability, which originates from the parameter servicetype in the file /boafrm/formPortFw that fails to properly validate the length and size of the input data,...

CVSS: 9 | AI score: 8.5 | EPSS: 0.00615
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Laundry System insert_laundry.php file cross-site scripting vulnerability

Laundry System is a laundry system. Laundry System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Customer in the file /data/insertlaundry.php, which can be exploited by an attacker to execute...

CVSS: 5.4 | AI score: 6.2 | EPSS: 0.00252
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Patient Record Management System birthing.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter itrno/compid in the file /birthing.php. An attacker can...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.00314
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formIpQoS File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the parameter mac in the file /boafrm/formIpQoS that fails to correctly validate the length and size of the input data, which can ...

CVSS: 9 | AI score: 8.5 | EPSS: 0.04066
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•22 views

BP Monitoring Management System edit-family-member.php File SQL Injection Vulnerability

BP Monitoring Management System is a bp monitoring management system. BP Monitoring Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter memberage in the file /edit-family-member.php. An...

CVSS: 8.8 | AI score: 7.1 | EPSS: 0.00342
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•1 views

TOTOLINK EX1200T redirect-url buffer overflow vulnerability

The TOTOLINK EX1200T is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK EX1200T suffers from a buffer overflow vulnerability that originates from a misuse of the parameter redirect-url in the file /boafrm/formWlanRedirect, which can be exploited by an attacker to cause an...

CVSS: 9 | AI score: 8.3 | EPSS: 0.03759
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

Patient Record Management System view_hematology.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter itrno in the file viewhematology.php. An attacker can...

CVSS: 7.5 | AI score: 8.3 | EPSS: 0.00331
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formNtp File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formNtp parameter submit-url to correctly validate the length and size of the input data in the...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00793
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formDosCfg File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formDosCfg parameter submit-url to properly validate the length and size of the input data in the...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00615
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formSetLg File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formSetLg parameter submit-url to properly validate the length and size of the input data in the...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00793
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

TOTOLINK X15 /boafrm/formStats file buffer overflow vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formStats parameter submit-url to correctly validate the length and size of the input data in the...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00615
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•5 views

Traffic Offense Reporting System save-reported.php file cross-site scripting vulnerability

Traffic Offense Reporting System is a traffic violation reporting system. Traffic Offense Reporting System has a cross-site scripting vulnerability that originates from the parameter offenseid/vehicleno/driverlicense/name/address/gender/officer in the file /save-reported.php. The lack of effectiv...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00252
Exploits: 1 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•4 views

TOTOLINK X15 /boafrm/formWlanRedirect File Buffer Overflow Vulnerability

TOTOLINK X15 is a network wireless extender from China's Gion Electronics TOTOLINK. The TOTOLINK X15 suffers from a buffer overflow vulnerability that originates from the failure of the file /boafrm/formWlanRedirect parameter redirect-url to correctly validate the length and size of the input dat...

CVSS: 9 | AI score: 8.6 | EPSS: 0.00793
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

Unspecified vulnerability in Huawei HarmonyOS and EMUI (CNVD-2025-16596)

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A security vulnerability exists in Huawei HarmonyOS an...

CVSS: 6.6 | AI score: 6.8 | EPSS: 0.0008
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•3 views

WordPress Abbie Expander plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Abbie Expander plugin that stems from improper handling of input during page generation and can be exploited by an...

CVSS: 6.5 | AI score: 6.4 | EPSS: 0.00174
Exploits: 0 | References: 1
CNVD
•added 2025/06/10 12:0 a.m.•2 views

Huawei HarmonyOS Buffer Overflow Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A buffer overflow vulnerability exists in Huawei HarmonyOS version 5.0.0 and 4.3.0, which originates from a program that fails to correctly validate the leng...

CVSS: 5.5 | AI score: 8.6 | EPSS: 0.00136
Exploits: 0 | References: 1
CNVD
•added 2025/06/09 12:0 a.m.•3 views

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14378)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server. The vulnerability is due to incorrect boundary checking of the component MKDIR command handler, no details of the vulnerability are provided at this time...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.00588
Exploits: 1 | References: 1
CNVD
•added 2025/06/09 12:0 a.m.•1 views

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14379)

FreeFloat FTP Server is a FTP Server software developed by FreeFloat Inc. FreeFloat FTP Server suffers from a BINARY command buffer overflow vulnerability. The vulnerability is caused due to incorrect boundary checking in the component BINARY command handler, and no detailed vulnerability details...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00588
Exploits: 1 | References: 1
CNVD
•added 2025/06/08 12:0 a.m.•2 views

Unauthorized Access Vulnerability in ioLogik E1210 of Mosaic Technology (Shanghai) Co.

The ioLogik E1210 is an Ethernet I/O module that supports daisy-chain topology and is mainly used in industrial automation and device monitoring scenarios. Mosa Technologies Shanghai Co. ioLogik E1210 suffers from an unauthorized access vulnerability, which can be exploited by attackers to obtain...

AI score: 6.7
Exploits: 0
CNVD
•added 2025/06/06 12:0 a.m.•3 views

Tenda CH22 Stack Buffer Overflow Vulnerability

The Tenda CH22 is an enterprise-grade wireless router for small to medium-sized businesses or home office environments. It supports single-band 2.4GHz wireless networks with a maximum transmission rate of up to 450Mbps. A stack buffer overflow vulnerability exists in the Tenda CH22. The...

CVSS: 9.8 | AI score: 8.1 | EPSS: 0.01046
Exploits: 1 | References: 1
CNVD
•added 2025/06/06 12:0 a.m.•1 views

FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14380)

FreeFloat FTP Server is an FTP service from FreeFloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the MGET command processing component to properly validate the length size of input data, no details of the vulnerability are provided at this time...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.00596
Exploits: 1 | References: 1
CNVD
•added 2025/06/06 12:0 a.m.•2 views

Tenda AC6 Buffer Overflow Vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. The Tenda AC6 suffers from a buffer overflow vulnerability that originates from the parameter time in the setSmartPowerManagement function failing to properly validate the length of the input data, which can be exploited by an...

CVSS: 6.5 | AI score: 8.5 | EPSS: 0.00238
Exploits: 1 | References: 1
CNVD
•added 2025/06/06 12:0 a.m.•1 views

Online Birth Certificate System all-applications.php File SQL Injection Vulnerability

Online Birth Certificate System is an online birth certificate system. The Online Birth Certificate System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter del in the file /admin/all-applications.php. An...

CVSS: 8.8 | AI score: 8.3 | EPSS: 0.00219
Exploits: 1 | References: 1
CNVD
•added 2025/06/06 12:0 a.m.•3 views

Daily Expense Tracker System /expense-yearwise-reports-detailed.php File SQL Injection Vulnerability

Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter todate in the file...

CVSS: 8.8 | AI score: 8.2 | EPSS: 0.00342
Exploits: 1 | References: 1
CNVD
•added 2025/06/06 12:0 a.m.•3 views

FreeScout Security Bypass Vulnerability (CNVD-2025-20781)

FreeScout is an ultra-lightweight and powerful free open source helpdesk and shared inbox built using PHP Laravel framework by FreeScout. FreeScout suffers from a security bypass vulnerability that is caused by improper input validation during user creation. An attacker can exploit the...

CVSS: 7 | AI score: 6.9 | EPSS: 0.00393
Exploits: 1 | References: 1
CNVD
•added 2025/06/06 12:0 a.m.•1 views

TinyFileManager Cross-Site Scripting Vulnerability

TinyFileManager is a web-based file manager. It is used for storing, uploading, editing and managing files and folders online through a web browser. TinyFileManager suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of...

CVSS: 6.1 | AI score: 6 | EPSS: 0.00241
Exploits: 2

Total number of security vulnerabilities: 130931