π¨ CVE-2025-50608
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00471994 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
GitHub
Netis-WF2880-cgitest.cgi-Vulnerability/1 at main Β· Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability
Netis-WF2880-cgitest.cgi-Vulnerability. Contribute to Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-50610
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00476598 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_base_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
GitHub
Netis-WF2880-cgitest.cgi-Vulnerability/3 at main Β· Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability
Netis-WF2880-cgitest.cgi-Vulnerability. Contribute to Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-50611
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00473154 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set_5g and wl_sec_rp_set_5g in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
GitHub
Netis-WF2880-cgitest.cgi-Vulnerability/4 at main Β· Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability
Netis-WF2880-cgitest.cgi-Vulnerability. Contribute to Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-50612
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_004743f8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wl_sec_set in the payload, which may cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
GitHub
Netis-WF2880-cgitest.cgi-Vulnerability/5 at main Β· Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability
Netis-WF2880-cgitest.cgi-Vulnerability. Contribute to Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-50613
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
A buffer overflow vulnerability has been discovered in Netis WF2880 v2.1.40207 in the FUN_00475e1c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_key_wep in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
GitHub
Netis-WF2880-cgitest.cgi-Vulnerability/6 at main Β· Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability
Netis-WF2880-cgitest.cgi-Vulnerability. Contribute to Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-50614
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
A buffer overflow vulnerability has been discovered in the Netis WF2880 v2.1.40207 in the FUN_0047151c function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the value of wds_set in the payload, which can cause the program to crash and potentially lead to a Denial of Service (DoS) attack.
π@cveNotify
GitHub
Netis-WF2880-cgitest.cgi-Vulnerability/7 at main Β· Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability
Netis-WF2880-cgitest.cgi-Vulnerability. Contribute to Chinesexilinyu/Netis-WF2880-cgitest.cgi-Vulnerability development by creating an account on GitHub.
π¨ CVE-2025-51452
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
π@cveNotify
In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can bypass login by sending a specific request through formLoginAuth.htm.
π@cveNotify
π¨ CVE-2025-50594
An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings/SecuritySettingsController.cs in Danphe Health Hospital Management System EMR 3.2 allowing attackers to reset any account password.
π@cveNotify
An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings/SecuritySettingsController.cs in Danphe Health Hospital Management System EMR 3.2 allowing attackers to reset any account password.
π@cveNotify
Steve Campbellβs (@lpha3ch0) homepage
Account Takeover in Danphe Health Hospital Management System EMR version 3.2
Any authenticated user can takeover other accounts, including the admin account, due to Broken Function Level Authorization on the /api/SecuritySettings/ResetPassword endpoint.
π¨ CVE-2025-52385
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
π@cveNotify
An issue in Studio 3T v.2025.1.0 and before allows a remote attacker to execute arbitrary code via a crafted payload to the child_process module
π@cveNotify
cwe.mitre.org
CWE -
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (4.19.1)
CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (4.19.1)
Common Weakness Enumeration (CWE) is a list of software weaknesses.
π¨ CVE-2025-43982
Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI.
π@cveNotify
Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731.16.43 devices enable the SSH service by default. There is a hidden hard-coded root account that cannot be disabled in the GUI.
π@cveNotify
GitHub
cve/Tuoshi/CVE-2025-43982.txt at main Β· actuator/cve
Public Cybersecurity Research & Advisories . Contribute to actuator/cve development by creating an account on GitHub.
π¨ CVE-2025-43986
An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service is enabled by default and exposed over the WAN interface without authentication.
π@cveNotify
An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service is enabled by default and exposed over the WAN interface without authentication.
π@cveNotify
GitHub
cve/Kuwfi/CVE-2025-43986.txt at main Β· actuator/cve
Public Cybersecurity Research & Advisories . Contribute to actuator/cve development by creating an account on GitHub.
π¨ CVE-2025-8926
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
CVE-2025-8926οΌγSourceCodester COVID 19 Testing Management System Project V1.0 /login.php SQL injectionγ Β· Issue #2 Β· lrjbsyh/CVE_Hunter
SourceCodester COVID 19 Testing Management System Project V1.0 /login.php SQL injection NAME OF AFFECTED PRODUCT(S) COVID 19 Testing Management System Vendor Homepage https://www.sourcecodester.com...
π¨ CVE-2011-10018
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application.
π@cveNotify
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of the intended application logic. Exploitation requires no authentication and results in full compromise of the web server under the context of the web application.
π@cveNotify
MyBB Blog
1.6.4 Security Vulnerability
When 1.6.4 was announced almost 3 months ago it was one of the biggest updates MyBB has ever released. It fixed over 100 issues and brought performance improvements for MyBB forums β large orβ¦
π¨ CVE-2012-10055
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll). This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. The vulnerability is exploitable without authentication and affects default configurations.
π@cveNotify
ComSndFTP FTP Server version 1.3.7 Beta contains a format string vulnerability in its handling of the USER command. By sending a specially crafted username containing format specifiers, a remote attacker can overwrite a hardcoded function pointer in memory (specifically WSACleanup from Ws2_32.dll). This allows the attacker to redirect execution flow and bypass DEP protections using a ROP chain, ultimately leading to arbitrary code execution. The vulnerability is exploitable without authentication and affects default configurations.
π@cveNotify
π¨ CVE-2025-7808
The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
π@cveNotify
The WP Shopify WordPress plugin before 1.5.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
π@cveNotify
WPScan
WP Shopify < 1.5.4 - Reflected XSS
See details on WP Shopify < 1.5.4 - Reflected XSS CVE 2025-7808. View the latest Plugin Vulnerabilities on WPScan.
π₯1
π¨ CVE-2024-53945
The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds. Exploitation can lead to full system compromise, including enabling remote access (e.g., enabling telnet).
π@cveNotify
The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds. Exploitation can lead to full system compromise, including enabling remote access (e.g., enabling telnet).
π@cveNotify
GitHub
cve/Kuwfi/CVE-2024-53945.txt at main Β· actuator/cve
Public Cybersecurity Research & Advisories . Contribute to actuator/cve development by creating an account on GitHub.
π₯1
π¨ CVE-2023-3181
The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The C:\Windows\Temp~nsu.tmp\Au_.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI repair using Splashtop Streamerβs Windows Installer. Since the C:\Windows\Temp~nsu.tmp folder inherits permissions from C:\Windows\Temp and Au_.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.
π@cveNotify
The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The C:\Windows\Temp~nsu.tmp\Au_.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI repair using Splashtop Streamerβs Windows Installer. Since the C:\Windows\Temp~nsu.tmp folder inherits permissions from C:\Windows\Temp and Au_.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.
π@cveNotify
GitHub
Vulnerability-Disclosures/2023/MNDT-2023-0015.md at master Β· mandiant/Vulnerability-Disclosures
Contribute to mandiant/Vulnerability-Disclosures development by creating an account on GitHub.
π¨ CVE-2025-2760
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082.
π@cveNotify
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082.
π@cveNotify
Zerodayinitiative
ZDI-25-203
GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability
π¨ CVE-2025-2761
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100.
π@cveNotify
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100.
π@cveNotify
Zerodayinitiative
ZDI-25-204
GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
π¨ CVE-2025-2767
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.
The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
π@cveNotify
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.
The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
π@cveNotify
Zerodayinitiative
ZDI-25-181
(0Day) Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability
π¨ CVE-2025-2768
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.
π@cveNotify
Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Bdrive NetDrive. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
The specific flaw exists within the configuration of OpenSSL. The product loads an OpenSSL configuration file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-25041.
π@cveNotify
Zerodayinitiative
ZDI-25-182
(0Day) Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability