Unspecified Vulnerability in Ubiquiti UniFi Protect Application
The Ubiquiti UniFi Protect Application is an enterprise-grade security monitoring platform that supports both home and business users. A security vulnerability exists in Ubiquiti UniFi Protect Application, which stems from a misconfigured access token mechanism that can be exploited by an attacke...
Online Course Registration coursecode parameter SQL injection vulnerability
Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter coursecode in the file /admin/course.php. An attacker can...
Beauty Parlour Management System /admin/admin-profile.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of the contactnumber parameter in the fil...
Park Ticketing Management System /view-normal-ticket.php File SQL Injection Vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter viewid in the file /view-normal-ticket.php. An...
Complaint Management System /admin/admin-profile.php File SQL Injection Vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter mobilenumber in the file /admin/admin-profile.php. An attacker can...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-31001)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that stems from a lack of validation of externally-entered SQL statements in the email parameter of the file /forgot-password.php. An...
GNU C Library Code Problem Vulnerability
The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. A code issue vulnerability exists in GNU C Library, which can be exploited by an attacker to cause dynamic shared library loading...
Ubiquiti UniFi Protect Cameras Heap Buffer Overflow Vulnerability
Ubiquiti UniFi Protect Cameras is a line of security cameras from Ubiquiti Networks that support the UniFi Protect platform for centralized management with remote access, smart monitoring and more. Ubiquiti UniFi Protect Cameras suffers from a heap buffer overflow vulnerability that originates fr...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14500)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the failure of the HASH Command Handler component to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
Tenda A15 Denial of Service Vulnerability
Tenda A15 is a WiFi extender from Tenda China. Tenda A15 suffers from a denial of service vulnerability that originates from an incorrect operation of the function formArpNerworkSet in the file /goform/ArpNerworkSet, which can be exploited by an attacker to cause a denial of service...
CampCodes Online Shopping Portal /my-cart.php File SQL Injection Vulnerability
CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. CampCodes Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter billingaddress in file /my-cart.php. An...
CampCodes Sales and Inventory System /pages/purchase_delete.php File SQL Injection Vulnerability
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter prid in the file...
Beauty Parlour Management System /contact.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of an externally-entered SQL statement in...
Google Cloud Classic Application Load Balancer Input Validation Error Vulnerability
Google Cloud Classic Application Load Balancer is a legacy application load balancing service from Google, Inc. that is used to automatically distribute traffic to back-end service instances in a cloud environment. An input validation error vulnerability exists in Google Cloud Classic Application...
D-Link DI-7003GV2 /H5/versionupdate.data File Information Disclosure Vulnerability
The D-Link DI-7003GV2 is a router from China-based AUO D-Link. The D-Link DI-7003GV2 suffers from an information disclosure vulnerability that originates in the file /H5/versionupdate.data function sub48F4F0, which is not sufficiently protected against sensitive information and can be exploited b...
D-Link DI-8100 Buffer Overflow Vulnerability
The D-Link DI-8100 is a wireless broadband router designed for small to medium-sized network environments from China's D-Link. The D-Link DI-8100 suffers from a buffer overflow vulnerability that originates from a failure to properly validate the length of input data for the parameters...
D-Link DI-7003GV2 /H5/state_view.data File Information Disclosure Vulnerability
The D-Link DI-7003GV2 is a router from China-based AUO D-Link. The D-Link DI-7003GV2 suffers from an information disclosure vulnerability that originates in the file /H5/state_view.data function sub41E304, which is not sufficiently protected for sensitive information and can be exploited by an...
Credit Card Application Management System Cross-Site Scripting Vulnerability
Credit Card Application Management System is a credit card application management system. Credit Card Application Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14504)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the MPUT Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14503)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the MLS Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14502)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the MDELETE Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14501)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the LCD Command Handler component failing to properly validate the length and size of the input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14499)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the GLOB Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14498)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the DELETE Command Handler component failing to properly validate the length and size of the input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14497)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the CD Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
FreeFloat FTP Server Buffer Overflow Vulnerability (CNVD-2025-14496)
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server, which stems from the CCC Command Handler component failing to properly validate the length and size of input data. No details of the vulnerability are provided at this time...
Beauty Parlour Management System /forgot-password.php File SQL Injection Vulnerability
Beauty Parlour Management System is a software system for standardizing salon business processes and improving management efficiency. Beauty Parlour Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally entered SQL statements in t...
CampCodes Sales and Inventory System /pages/ci_update.php File SQL Injection Vulnerability
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from a lack of validation of an externally entered SQL statement in the parameter Name in the file...
Fuji Electric V-SFT CDataRomErrorCheck::MacroCommandCheck function buffer overflow vulnerability
Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. A buffer overflow vulnerability exists in FUJI ELECTRIC V-SFT, which originates from the CDataRomErrorCheck::MacroCommandCheck function in VS6EditData that fails to correctly validate the length and size of the input...
Daily Expense Tracker System SQL Injection Vulnerability (CNVD-2025-30999)
Daily Expense Tracker System is a PHP and MySQL based daily expense tracking system. The Daily Expense Tracker System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the fromdate/todate parameter of file...
Park Ticketing Management System /add-normal-ticket.php File SQL Injection Vulnerability
Park Ticketing Management System is a park ticketing management system. Park Ticketing Management System suffers from a SQL injection vulnerability, which originates from the lack of validation of externally-entered SQL statements in the parameter noadult/nochildren/aprice/cprice in the file...
CampCodes Sales and Inventory System /pages/purchase_add.php File SQL Injection Vulnerability
CampCodes Sales and Inventory System is a sales and inventory system from CampCodes, Inc. The CampCodes Sales and Inventory System suffers from a SQL injection vulnerability that stems from a lack of validation of the parameter ID in the file /pages/purchase_add.php for externally entered SQL...
D-Link DI-7003GV2 /H5/netconfig.asp File Authorization Issue Vulnerability
The D-Link DI-7003GV2 is a router from China-based AUO D-Link. The D-Link DI-7003GV2 has an authorization issue vulnerability that originates from improper privilege management of the function sub497DE4 in the file /H5/netconfig.asp, for which no detailed vulnerability details are provided at thi...
Auto Taxi Stand Management System /admin/auto-taxi-entry-detail.php File SQL Injection Vulnerability
Auto Taxi Stand Management System is an auto cab stand management system. Auto Taxi Stand Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter price in the file...
CampCodes Online Shopping Portal /my-account.php File SQL Injection Vulnerability
CampCodes Online Shopping Portal is an online shopping portal from CampCodes, Inc. CampCodes Online Shopping Portal suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter Name in the file /my-account.php. An attacker...
Tenda AC10 Buffer Overflow Vulnerability
The Tenda AC10 is a wireless router from the Chinese company Tenda. Tenda AC10 suffers from a buffer overflow vulnerability, which originates from the parameter getuid in the file /goform/UserCongratulationsExec that fails to correctly validate the length and size of the input data, which can be...
News Portal /aboutus.php File SQL Injection Vulnerability
News Portal is a news portal. News Portal suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter pagetitle in the file /admin/aboutus.php. An attacker can exploit this vulnerability to execute illegal SQL comman...
Online Course Registration /admin/level.php File SQL Injection Vulnerability
Online Course Registration is an online course registration system. Online Course Registration suffers from a SQL injection vulnerability that originates from the lack of validation of externally-entered SQL statements in the parameter level in the file /admin/level.php. An attacker can exploit...
D-Link DAP-2695 /adv_dhcps.php file cross-site scripting vulnerability
The D-Link DAP-2695 is a high-performance dual-band wireless access point from China's AUO D-Link. The D-Link DAP-2695 suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter fmac in the file...
TOTOLINK N300RH plugin_name parameter command injection vulnerability
TOTOLINK N300RH is a long range wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N300RH suffers from a command injection vulnerability that stems from the parameter plugin_name in the file /cgi-bin/cstecgi.cgi failing to correctly filter constructed command special characters,...
TOTOLINK N300RH url parameter command injection vulnerability
TOTOLINK N300RH is a long range wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N300RH suffers from a command injection vulnerability that stems from the failure of the parameter url in the file /cgi-bin/cstecgi.cgi to correctly filter constructed command special characters,...
TOTOLINK N300RH Command Injection Vulnerability
TOTOLINK N300RH is a long range wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N300RH suffers from a command injection vulnerability that stems from the parameter FileName in the file /cgi-bin/cstecgi.cgi failing to properly filter constructed command special characters,...
PCMan FTP Server Buffer Overflow Vulnerability
PCMan FTP Server is an open source FTP server software package from PCMan. PCMan FTP Server suffers from a buffer overflow vulnerability, which originates from the REST Command Handler component failing to properly validate the length and size of the input data, and can be exploited by an attacker to cause ...
Employee Record System dashboardedit_employee.php file cross-site scripting vulnerability
Employee Record System is an employee record system. Employee Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters employeedid/firstname/middlename/lastname in the file...
Fuji Electric V-SFT CDrawSLine::GetRectArea function buffer overflow vulnerability
Fuji Electric V-SFT is a screen configuration software from Fuji Electric Japan. Fuji Electric V-SFT suffers from a buffer overflow vulnerability that originates from the CDrawSLine::GetRectArea function in VS6EditData that fails to correctly validate the length and size of the input data, which...
IceWarp Mail Server Input Validation Error Vulnerability
IceWarp Mail Server is a mail server product from the Czech company IceWarp. The product supports email archiving, SmartAttach attachments, automatic migration and more. An input validation error vulnerability exists in IceWarp Mail Server, which can be exploited to cause users to be...
News Portal /index.php File SQL Injection Vulnerability
News Portal is a news portal. News Portal suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter Username in the file /admin/index.php. An attacker can exploit this vulnerability to execute illegal SQL commands ...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-10454)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-10452)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on a system...
Microsoft Excel Code Execution Vulnerability (CNVD-2025-10449)
Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. A code execution vulnerability exists in Microsoft Excel, which can be exploited by an attacker to execute arbitrary code on the system...