π¨ CVE-2025-15429
A security vulnerability has been detected in UTT θΏε 512W 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. Such manipulation of the argument addCommand leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A security vulnerability has been detected in UTT θΏε 512W 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formConfigCliForEngineerOnly. Such manipulation of the argument addCommand leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
cve/1223/19.md at main Β· Lena-lyy/cve
Contribute to Lena-lyy/cve development by creating an account on GitHub.
π¨ CVE-2025-15430
A vulnerability was detected in UTT θΏε 512W 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formFtpServerShareDirSelcet. Performing manipulation of the argument oldfilename results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability was detected in UTT θΏε 512W 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formFtpServerShareDirSelcet. Performing manipulation of the argument oldfilename results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
cve/1234/20.md at main Β· GUOTINGTING2297/cve
cve_tmp. Contribute to GUOTINGTING2297/cve development by creating an account on GitHub.
π¨ CVE-2025-15432
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d209426638863980301d6f99866b3. This vulnerability affects the function downloadShowFile of the file /file/downloadShowFile.action of the component com.yeqifu.sys.controller.FileController. The manipulation of the argument path leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
GitHub
Path traversal Vulnerability in FileController Β· Issue #46 Β· yeqifu/carRental
Path traversal Vulnerability com.yeqifu.sys.controller.FileController#downloadShowFile is the entrance to the taint, no authorization is required. The downloadFile() function in the com.yeqifu.sys....
π¨ CVE-2025-15434
A vulnerability was detected in Yonyou KSOA 9.0. Affected is an unknown function of the file /kp/PrintZPYG.jsp. The manipulation of the argument zpjhid results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability was detected in Yonyou KSOA 9.0. Affected is an unknown function of the file /kp/PrintZPYG.jsp. The manipulation of the argument zpjhid results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
Yonyou KSOA V1.0 Vulnerability SQL Injection Β· Issue #1 Β· cly-yuxiu/CVE
Yonyou KSOA V1.0 Vulnerability SQL Injection NAME OF AFFECTED PRODUCT(S) Yonyou KSOA Vendor Homepage https://www.yonyou.com/ AFFECTED AND/OR FIXED VERSION(S) V1.0 Vuldb Submitter yuxiu Vulnerable F...
π₯1
π¨ CVE-2025-15435
A flaw has been found in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/work_update.jsp. This manipulation of the argument Report causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A flaw has been found in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/work_update.jsp. This manipulation of the argument Report causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
Yonyou KSOA V1.0 Vulnerability SQL Injection Β· Issue #1 Β· xiaozipang/CVE
Yonyou KSOA V1.0 Vulnerability SQL Injection NAME OF AFFECTED PRODUCT(S) Yonyou KSOA Vendor Homepage https://www.yonyou.com/ AFFECTED AND/OR FIXED VERSION(S) V1.0 Vuldb Submitter LNone Vulnerable F...
π¨ CVE-2025-15436
A vulnerability has been found in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /worksheet/work_edit.jsp. Such manipulation of the argument Report leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability has been found in Yonyou KSOA 9.0. Affected by this issue is some unknown functionality of the file /worksheet/work_edit.jsp. Such manipulation of the argument Report leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
Yonyou KSOA V1.0 Vulnerability SQL Injection Β· Issue #2 Β· xinshou-test/CVE
Yonyou KSOA V1.0 Vulnerability SQL Injection NAME OF AFFECTED PRODUCT(S) Yonyou KSOA Vendor Homepage https://www.yonyou.com/ AFFECTED AND/OR FIXED VERSION(S) V1.0 Vuldb Submitter zhx123 Vulnerable ...
π¨ CVE-2025-15437
A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing manipulation of the argument REQUEST_URI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 6.1.26 and 6.3 is able to mitigate this issue. The patch is named 264ac5b2be5b3c673ebd8cb862e673f5d300d9a7. The affected component should be upgraded.
π@cveNotify
A vulnerability was found in LigeroSmart up to 6.1.24. This affects an unknown part of the component Environment Variable Handler. Performing manipulation of the argument REQUEST_URI results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used. Upgrading to version 6.1.26 and 6.3 is able to mitigate this issue. The patch is named 264ac5b2be5b3c673ebd8cb862e673f5d300d9a7. The affected component should be upgraded.
π@cveNotify
GitHub
fix: REQUEST_URI sanitization, solves #278 Β· LigeroSmart/ligerosmart@264ac5b
LigeroSmart code. Contribute to LigeroSmart/ligerosmart development by creating an account on GitHub.
π¨ CVE-2026-0546
A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
A vulnerability was determined in code-projects Content Management System 1.0. This impacts an unknown function of the file search.php. This manipulation of the argument Value causes sql injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
π¨ CVE-2026-0547
A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used.
π@cveNotify
A vulnerability was found in PHPGurukul Online Course Registration up to 3.1. This issue affects some unknown processing of the file /admin/edit-student-profile.php of the component Student Registration Page. The manipulation of the argument photo results in unrestricted upload. The attack may be launched remotely. The exploit has been made public and could be used.
π@cveNotify
GitHub
Online-Course-Registration/Cross Site Scripting.md at main Β· rsecroot/Online-Course-Registration
Contribute to rsecroot/Online-Course-Registration development by creating an account on GitHub.
π¨ CVE-2023-50257
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (`p[UD]`) and `guid` values used to disconnect between nodes are not encrypted, a vulnerability has been discovered where a malicious attacker can forcibly disconnect a Subscriber and can deny a Subscriber attempting to connect. Afterwards, if the attacker sends the packet for disconnecting, which is data (`p[UD]`), to the Global Data Space (`239.255.0.1:7400`) using the said Publisher ID, all the Subscribers (Listeners) connected to the Publisher (Talker) will not receive any data and their connection will be disconnected. Moreover, if this disconnection packet is sent continuously, the Subscribers (Listeners) trying to connect will not be able to do so. Since the initial commit of the `SecurityManager.cpp` code (`init`, `on_process_handshake`) on Nov 8, 2016, the Disconnect Vulnerability in RTPS Packets Used by SROS2 has been present prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7.
π@cveNotify
eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (`p[UD]`) and `guid` values used to disconnect between nodes are not encrypted, a vulnerability has been discovered where a malicious attacker can forcibly disconnect a Subscriber and can deny a Subscriber attempting to connect. Afterwards, if the attacker sends the packet for disconnecting, which is data (`p[UD]`), to the Global Data Space (`239.255.0.1:7400`) using the said Publisher ID, all the Subscribers (Listeners) connected to the Publisher (Talker) will not receive any data and their connection will be disconnected. Moreover, if this disconnection packet is sent continuously, the Subscribers (Listeners) trying to connect will not be able to do so. Since the initial commit of the `SecurityManager.cpp` code (`init`, `on_process_handshake`) on Nov 8, 2016, the Disconnect Vulnerability in RTPS Packets Used by SROS2 has been present prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7.
π@cveNotify
GitHub
Refs #1811. WIP SecurityManager. Β· eProsima/Fast-DDS@072cbc9
The most complete DDS - Proven: Plenty of success cases. Looking for commercial support? Contact info@eprosima.com - Refs #1811. WIP SecurityManager. Β· eProsima/Fast-DDS@072cbc9
π¨ CVE-2023-36337
A reflected cross-site scripting (XSS) vulnerability in the component /index.php/cuzh4 of PHP Inventory Management System 1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
π@cveNotify
A reflected cross-site scripting (XSS) vulnerability in the component /index.php/cuzh4 of PHP Inventory Management System 1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
π@cveNotify
Gist
CVE-2023-36337
CVE-2023-36337. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2023-53975
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
π@cveNotify
Atom CMS 2.0 contains an unauthenticated SQL injection vulnerability that allows remote attackers to manipulate database queries through unvalidated parameters. Attackers can inject malicious SQL code in the 'id' parameter of the admin index page to execute time-based blind SQL injection attacks.
π@cveNotify
GitHub
GitHub - thedigicraft/Atom.CMS: Atom.CMS
Atom.CMS. Contribute to thedigicraft/Atom.CMS development by creating an account on GitHub.
π¨ CVE-2024-29883
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Suppression of wiki requests does not work as intended, and always restricts visibility to those with the `(createwiki)` user right regardless of the settings one sets on a given wiki request. This may expose information to users who are not supposed to be able to access it.
π@cveNotify
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. Suppression of wiki requests does not work as intended, and always restricts visibility to those with the `(createwiki)` user right regardless of the settings one sets on a given wiki request. This may expose information to users who are not supposed to be able to access it.
π@cveNotify
π¨ CVE-2023-53775
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by exploiting weak session management controls. Attackers can reuse IP-bound session identifiers to issue unauthorized requests to the userManager API and modify user credentials without proper authentication.
π@cveNotify
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by exploiting weak session management controls. Attackers can reuse IP-bound session identifiers to issue unauthorized requests to the userManager API and modify user credentials without proper authentication.
π@cveNotify
DB Broadcasting
TV Radio Broadcasting Equipment - DB Broadcast
DB Elettronica Telecomunicazioni Spa is the leader company working in broadcasting equipment and scientific applications.
π¨ CVE-2023-53776
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.
π@cveNotify
Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound session identifiers. Attackers can issue unauthorized requests to the device management API by leveraging the session binding mechanism to perform critical operations on the transmitter.
π@cveNotify
DB Broadcasting
TV Radio Broadcasting Equipment - DB Broadcast
DB Elettronica Telecomunicazioni Spa is the leader company working in broadcasting equipment and scientific applications.
π¨ CVE-2024-30855
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/makehtml_list_action.php.
π@cveNotify
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/makehtml_list_action.php.
π@cveNotify
Gist
CVE-2024-30855
CVE-2024-30855. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2024-27922
TOMP Bare Server implements the TompHTTP bare server. A vulnerability in versions prior to 2.0.2 relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of their web traffic. The impact may vary depending on the specific usage of the package but it can potentially affect any system where this package is in use. The problem has been patched in version 2.0.2. As of time of publication, no specific workaround strategies have been disclosed.
π@cveNotify
TOMP Bare Server implements the TompHTTP bare server. A vulnerability in versions prior to 2.0.2 relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of their web traffic. The impact may vary depending on the specific usage of the package but it can potentially affect any system where this package is in use. The problem has been patched in version 2.0.2. As of time of publication, no specific workaround strategies have been disclosed.
π@cveNotify
GitHub
HTTP Handling Vulnerability in the Bare server
### Impact
This vulnerability relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of the...
This vulnerability relates to insecure handling of HTTP requests by the @tomphttp/bare-server-node package. This flaw potentially exposes the users of the package to manipulation of the...
π¨ CVE-2024-28101
The Apollo Router is a graph router written in Rust to run a federated supergraph that uses Apollo Federation. Versions 0.9.5 until 1.40.2 are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluate the `limits.http_max_request_bytes` configuration option after the entirety of the compressed payload is decompressed. If affected versions of the Router receive highly compressed payloads, this could result in significant memory consumption while the compressed payload is expanded. Router version 1.40.2 has a fix for the vulnerability. Those who are unable to upgrade may be able to implement mitigations at proxies or load balancers positioned in front of their Router fleet (e.g. Nginx, HAProxy, or cloud-native WAF services) by creating limits on HTTP body upload size.
π@cveNotify
The Apollo Router is a graph router written in Rust to run a federated supergraph that uses Apollo Federation. Versions 0.9.5 until 1.40.2 are subject to a Denial-of-Service (DoS) type vulnerability. When receiving compressed HTTP payloads, affected versions of the Router evaluate the `limits.http_max_request_bytes` configuration option after the entirety of the compressed payload is decompressed. If affected versions of the Router receive highly compressed payloads, this could result in significant memory consumption while the compressed payload is expanded. Router version 1.40.2 has a fix for the vulnerability. Those who are unable to upgrade may be able to implement mitigations at proxies or load balancers positioned in front of their Router fleet (e.g. Nginx, HAProxy, or cloud-native WAF services) by creating limits on HTTP body upload size.
π@cveNotify
GitHub
streaming body decompression Β· apollographql/router@9e9527c
Client request body was fully loaded in memory before decompressing, we
are now decompressing it as it goes
are now decompressing it as it goes
π¨ CVE-2024-25182
givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.
π@cveNotify
givanz VvvebJs 1.7.2 suffers from a File Upload vulnerability via save.php.
π@cveNotify
Gist
CVE-2024-25182
CVE-2024-25182. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2024-25183
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php.
π@cveNotify
givanz VvvebJs 1.7.2 is vulnerable to Directory Traversal via scan.php.
π@cveNotify
Gist
CVE-2024-25183
CVE-2024-25183. GitHub Gist: instantly share code, notes, and snippets.