Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08614)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetActiveConnectionVariables, which can be exploited by an attacker to...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08612)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetGateways, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08604)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UnlockGeneralSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08601)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockTcmSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09145)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from the internally used 'UpdateGateways' method. An attacker could use this vulnerability to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08591)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the UnlockWebServerGatewaySettings method, which can be exploited by an attacker to cause...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09144)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from the internally used 'UpdateProject' method. An attacker could use this vulnerability to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08611)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that stems from an internal method, LockGateway, which can be exploited by an attacker to bypass authorization controls and execut...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10692)

PCMan FTP Server is PCMan open source set of FTP software. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from mishandling of specific requests. No detailed vulnerability details are provided at this time...

TOTOLINK A3700R Access Control Error Vulnerability (CNVD-2025-12020)

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity and management. The TOTOLINK A3700R suffers from an access control error vulnerability that originates from improper access control of the setUrlFilterRules function in the /cgi-bin/cstecgi.cgi file. No detailed...

TOTOLINK A3700R Access Control Error Vulnerability

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. TOTOLINK A3700R suffers from an access control error vulnerability that originates from improper access control of the setL2tpServerCfg function in the /cgi-bin/cstecgi.cgi file, for which no detailed...

TOTOLINK A3700R Access Control Error Vulnerability

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. The TOTOLINK A3700R suffers from an access control error vulnerability that stems from the /cgi-bin/cstecgi.cgi file setWiFiEasyGuestCfg function failing to correctly handle a specific request. No detailed...

TOTOLINK A3700R cstecgi.cgi setSmartQosCfg Access Control Error Vulnerability

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity and management. The TOTOLINK A3700R suffers from an access control error vulnerability that originates from improper access control of the setSmartQosCfg function in the /cgi-bin/cstecgi.cgi file. No detailed...

TOTOLINK A3700R cstecgi.cgi setScheduleCfg Improper Access Control Vulnerability

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. The TOTOLINK A3700R suffers from an improper access control vulnerability that stems from mishandling of specific requests. No detailed vulnerability details are provided at this time...

PCMan FTP Server CD Command Buffer Overflow Vulnerability

PCMan FTP Server is a lightweight FTP server software that provides basic file transfer functionality. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the CD Command Handler component failing to properly validate input data when processing a specific request. An...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10859)

PCMan FTP Server is a server software for File Transfer Protocol FTP. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the failure of the DIR Command Handler module DIR Command Handler to properly handle a specific request. No detailed vulnerability details are provid...

Patient Record Management System edit_fpatient.php File SQL Injection Vulnerability

Patient Record Management System is a medical record management system. Patient Record Management System suffers from a SQL injection vulnerability that stems from a lack of adequate validation of inputs to the ID parameter in the file /editfpatient.php. No details of the vulnerability are...

TOTOLINK A3700R Access Control Error Vulnerability (CNVD-2025-12019)

The TOTOLINK A3700R is a wireless router that provides network connectivity for homes and small offices. The TOTOLINK A3700R suffers from an Access Control Error vulnerability that originates from improper access control of the setDdnsCfg function in the /cgi-bin/cstecgi.cgi file. No detailed...

Tenda W12 Buffer Overflow Vulnerability

The Tenda W12 is a wireless router that provides wireless network connectivity. A buffer overflow vulnerability exists in Tenda W12 version 3.0.0.5, which originates from the cgiWifiRadioSet function in the /bin/httpd file that fails to properly validate input data when processing a specific...

TOTOLINK A3700R Improper Access Control Vulnerability

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity. The TOTOLINK A3700R suffers from an improper access control vulnerability that stems from the setWiFiEasyCfg/setWiFiEasyGuestCfg functions in the /cgi-bin/cstecgi.cgi file failing to properly handle specific...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10695)

PCMan FTP Server is an FTP server software that provides file transfer services. PCMan FTP Server suffers from a buffer overflow vulnerability that stems from the failure of the HOST Command Handler module to properly process input when handling a specific request. No detailed vulnerability detai...

Men Salon Management System /admin/edit-customer-detailed.php File SQL Injection Vulnerability

Men Salon Management System a men's salon management system. The Men Salon Management System suffers from a SQL injection vulnerability that originates from insufficient input validation of the editid parameter in the /admin/edit-customer-detailed.php file. An attacker can use this vulnerability ...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10694)

PCMan FTP Server is a server software for file transfer protocol. A buffer overflow vulnerability exists in PCMan FTP Server that stems from the LANG Command Handler component failing to properly validate input data when processing a specific request. No detailed vulnerability details are availab...

Men Salon Management System /admin/edit-services.php File SQL Injection Vulnerability

Men Salon Management System a men's salon management system. The Men Salon Management System suffers from an SQL injection vulnerability that stems from a lack of proper validation and cleanup of inputs to the cost parameter in the /admin/edit-services.php file. An attacker could exploit this...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08372)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the UpdateTraceLevelSettings method, which can be exploited by an attacker to bypass...

Unspecified Vulnerability in Oracle MySQL (CNVD-2025-17379)

Oracle MySQL is an open source relational database management system from Oracle Corporation.MySQL Connectors is one of the drivers for connecting applications that use MySQL. A security vulnerability exists in MySQL Connectors for Oracle MySQL, which can be exploited by attackers to conduct an...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08602)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockSmtpSettings, which can be exploited by an attacker to bypass authorization contro...

Unspecified Vulnerability in Oracle MySQL Server (CNVD-2025-17369)

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which originates from a flaw in the InnoDB component, and can be exploited by an attacker to cause a complete denial of service attack or data tampering...

Unspecified Vulnerability in JetBrains Toolbox App

JetBrains Toolbox App is an application for managing and updating JetBrains development tools. A security vulnerability exists in JetBrains Toolbox App that stems from a lack of sufficient user validation when establishing a connection. An attacker could exploit the vulnerability to establish an...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10690)

PCMan FTP Server is PCMan open source set of FTP software. A buffer overflow vulnerability exists in PCMan FTP Server that stems from a failure to properly validate input when processing a specific request. No detailed vulnerability details are provided at this time...

PCMan FTP Server Buffer Overflow Vulnerability (CNVD-2025-10696)

PCMan FTP Server is an FTP server software for file transfer. A buffer overflow vulnerability exists in PCMan FTP Server that stems from the MDTM Command Handler failing to properly handle input data when processing a specific request. No detailed vulnerability details are available at this time...

TOTOLINK A3700R cstecgi.cgi setUPnPCfg Improper Access Control Vulnerability

The TOTOLINK A3700R is a wireless router that provides wireless network connectivity and management. The TOTOLINK A3700R suffers from an improper access control vulnerability that originates from improper access control of the setUPnPCfg function in the file /cgi-bin/cstecgi.cgi. No detailed...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08597)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockOpcSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08363)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the MigrateDatabase method, which can be exploited by an attacker to bypass authorizatio...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08598)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UnlockDatabaseSettings, which can be exploited by an attacker to bypas...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08609)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetUsers, which can be exploited by an attacker to bypass authorizatio...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08600)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method UnlockTcmSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08616)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateConnectionVariableArchivingBuffering, which can be exploited by an attacker to bypa...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08371)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the UnlockTraceLevelSettings method, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08603)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockSmtpSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-09143)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from the internally used 'UpdateOpcSettings' method. An attacker could exploit the vulnerability to cause bypass o...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08361)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method GetProjects, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08599)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockDatabaseSettings, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08595)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the LockBufferingSettings method, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08594)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the UnlockBufferingSettings method, which can be exploited by an attacker to bypass...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08356)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, ImportDatabase, which can be exploited by an attacker to bypass authorization controls a...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08369)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the GetSettings method, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08596)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from an internal method, UnlockOpcSettings, which can be exploited by an attacker to bypass authorization controls...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08606)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method UpdateGeneralSettings, which can be exploited by an attacker to bypass authorization...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08592)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an SQL injection in the LockWebServerGatewaySettings method, which can be exploited by an attacker to bypass...