๐จ CVE-2025-15217
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.
๐@cveNotify
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.
๐@cveNotify
lavender-bicycle-a5a on Notion
Tenda-AC23-formSetPPTPUserList | Notion
Overview
โค1
๐จ CVE-2025-15218
A weakness has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Parameter Handler. Executing manipulation of the argument lanMask can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Parameter Handler. Executing manipulation of the argument lanMask can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
lavender-bicycle-a5a on Notion
Tenda-AC10U-fromadvsetlanip | Notion
Overview
๐จ CVE-2025-15219
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
๐@cveNotify
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
๐@cveNotify
GitHub
XSS vulnerability on /manage/machine/list ยท Issue #377 ยท sohutv/cachecloud
XSS vulnerability on /manage/machine/list Summary In the latest version (v3.2) of CacheCloud, the endpoint /manage/machine/list does not encode user-controllable parameters when outputting them on ...
๐จ CVE-2025-15220
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
๐@cveNotify
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
๐@cveNotify
GitHub
XSS vulnerability on /manage/login ยท Issue #379 ยท sohutv/cachecloud
XSS vulnerability on /manage/login Summary In the latest version (v3.2) of CacheCloud, the endpoint /manage/login does not encode user-controllable parameters when outputting them on web page, resu...
๐จ CVE-2025-15221
A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
๐@cveNotify
A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
๐@cveNotify
GitHub
XSS vulnerability on /data/migrate/index ยท Issue #380 ยท sohutv/cachecloud
XSS vulnerability on /data/migrate/index Summary In the latest version (v3.2) of CacheCloud, the endpoint /data/migrate/index does not encode user-controllable parameters when outputting them on we...
๐จ CVE-2025-14312
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
WPScan
Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via counter
See details on Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via counter CVE 2025-14312. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2025-14313
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
๐@cveNotify
WPScan
Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax
See details on Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax CVE 2025-14313. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2025-15222
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
A vulnerability has been found in Dromara Sa-Token up to 1.44.0. This issue affects the function ObjectInputStream.readObject of the file SaSerializerTemplateForJdkUseBase64.java. Such manipulation leads to deserialization. The attack can be executed remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
GitHub
GitHub - Yohane-Mashiro/satoken-deserialization: satokenๅๅบๅๅ้ฎ้ข
satokenๅๅบๅๅ้ฎ้ข. Contribute to Yohane-Mashiro/satoken-deserialization development by creating an account on GitHub.
๐จ CVE-2025-15229
A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
Tenda CH22 V1.0.0.1 Router Denial of Service in fromDhcpListClient function ยท Issue #7 ยท master-abc/cve
Overview Firmware download website: https://www.tenda.com.cn/material/show/1367 Affected Version VERSION(S) CH22 v1.0.0.1 Submitter USTC_BUG_Hunter Vulnerability details A Denial of Service (DoS) v...
๐จ CVE-2025-15230
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
๐@cveNotify
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
๐@cveNotify
GitHub
CVEs/Tenda/setVlanPolicy.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15231
A vulnerability was determined in Tenda M3 1.0.0.13(4903). This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
A vulnerability was determined in Tenda M3 1.0.0.13(4903). This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
GitHub
CVEs/Tenda/setRemoteVlanInfo.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2023-36377
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
๐@cveNotify
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
๐@cveNotify
GitHub
Comparing 2.2...2.3 ยท mtrojnar/osslsigncode
OpenSSL-based Authenticode signing for PE, CAB, CAT, MSI, APPX, and script file - Comparing 2.2...2.3 ยท mtrojnar/osslsigncode
๐จ CVE-2025-15232
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
๐@cveNotify
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
๐@cveNotify
GitHub
CVEs/Tenda/setAdPushInfo.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15233
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
๐@cveNotify
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
๐@cveNotify
GitHub
CVEs/Tenda/setAdInfoDetail.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15355
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
๐@cveNotify
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
๐@cveNotify
๐จ CVE-2025-15103
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
๐@cveNotify
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
๐@cveNotify
๐จ CVE-2025-15234
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
GitHub
CVEs/Tenda/setRemoteInternetLanInfo.md at main ยท dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
๐จ CVE-2025-15241
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
๐@cveNotify
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
๐@cveNotify
GitHub
GitHub - Stolichnayer/cloudpanel-open-redirect: CloudPanel CE โค v2.5.1 contains an Open Redirect vulnerability in the /admin/usersโฆ
CloudPanel CE โค v2.5.1 contains an Open Redirect vulnerability in the /admin/users endpoint due to improper validation of the Referer header. - Stolichnayer/cloudpanel-open-redirect
๐จ CVE-2025-15242
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit is now public and may be used.
๐@cveNotify
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit is now public and may be used.
๐@cveNotify
Byebyedoggy
1229 PHPEMS Coupon Recharge Race Condition Poc
Vulnerability Information\rItem Details Vulnerability Name PHPEMS Coupon Recharge Race Condition Vulnerability Affected Versions PHPEMS 11.0 and earlier Type Logic Flaw Severity Medium Reproduction Environment\rTest Site: Local deployment Source Code Setup:โฆ