Submit #622693: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Accepted]
Submit #622693 / VDB-317833
Aggregator
Submit #622692: TOTOLINK X15 V1.0.0-B20230714.1105 Command Injection [Accepted]
1 week 6 days ago
Submit #622692 / VDB-317832
panda_0x1
CVE-2025-8242 | TOTOLINK X15 1.0.0-B20230714.1105 HTTP POST Request /boafrm/formFilter ip6addr/url/vpnPassword/vpnUser buffer overflow (EUVD-2025-22831)
1 week 6 days ago
A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr/url/vpnPassword/vpnUser leads to buffer overflow.
This vulnerability was named CVE-2025-8242. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #622691: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Accepted]
1 week 6 days ago
Submit #622691 / VDB-317831
panda_0x1
Submit #622665: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Duplicate]
1 week 6 days ago
Submit #622665 / VDB-317830
panda_0x1
CVE-2025-8241 | 1000 Projects ABC Courier Management System 1.0 /report.php From sql injection (EUVD-2025-22832)
1 week 6 days ago
A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. This affects an unknown part of the file /report.php. The manipulation of the argument From leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-8241. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #622664: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Duplicate]
1 week 6 days ago
Submit #622664 / VDB-317830
panda_0x1
Submit #622662: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Duplicate]
1 week 6 days ago
Submit #622662 / VDB-317830
panda_0x1
Submit #622661: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Accepted]
1 week 6 days ago
Submit #622661 / VDB-317830
panda_0x1
CVE-2025-8240 | code-projects Exam Form Submission 1.0 /user/dashboard.php phone sql injection (EUVD-2025-22830)
1 week 6 days ago
A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. Affected by this issue is some unknown functionality of the file /user/dashboard.php. The manipulation of the argument phone leads to sql injection.
This vulnerability is handled as CVE-2025-8240. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8239 | code-projects Exam Form Submission 1.0 /admin/ email sql injection (EUVD-2025-22828)
1 week 6 days ago
A vulnerability classified as critical was found in code-projects Exam Form Submission 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument email leads to sql injection.
This vulnerability is known as CVE-2025-8239. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8238 | code-projects Exam Form Submission 1.0 /admin/update_s2.php credits sql injection (EUVD-2025-22829)
1 week 6 days ago
A vulnerability classified as critical has been found in code-projects Exam Form Submission 1.0. Affected is an unknown function of the file /admin/update_s2.php. The manipulation of the argument credits leads to sql injection.
This vulnerability is traded as CVE-2025-8238. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8237 | code-projects Exam Form Submission 1.0 /admin/update_s1.php credits sql injection (EUVD-2025-22826)
1 week 6 days ago
A vulnerability was found in code-projects Exam Form Submission 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/update_s1.php. The manipulation of the argument credits leads to sql injection.
The identification of this vulnerability is CVE-2025-8237. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Law enforcement operations seized BlackSuit ransomware gang’s darknet sites
1 week 6 days ago
An international law enforcement operation seized the dark web data leak site of the BlackSuit ransomware group. A banner on the BlackSuit ransomware group’s TOR data leak sites informs visitors that they were seized by U.S. Homeland Security Investigations in a global law enforcement operation. The notice features logos of 17 law enforcement agencies and […]
Pierluigi Paganini
Submit #622432: 1000projects ABC Courier Management System Project V1.0 SQL Injection [Accepted]
1 week 6 days ago
Submit #622432 / VDB-317829
yinxingyu
CVE-2025-8236 | code-projects Online Ordering System 1.0 /admin/edit_product.php Name sql injection (EUVD-2025-22827)
1 week 6 days ago
A vulnerability was found in code-projects Online Ordering System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/edit_product.php. The manipulation of the argument Name leads to sql injection.
This vulnerability was named CVE-2025-8236. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8235 | code-projects Online Ordering System 1.0 /admin/product.php Name sql injection (EUVD-2025-22825)
1 week 6 days ago
A vulnerability was found in code-projects Online Ordering System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/product.php. The manipulation of the argument Name leads to sql injection.
This vulnerability is uniquely identified as CVE-2025-8235. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8234 | code-projects Online Ordering System 1.0 /admin/delete_member.php ID sql injection (EUVD-2025-22823)
1 week 6 days ago
A vulnerability was found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/delete_member.php. The manipulation of the argument ID leads to sql injection.
This vulnerability is handled as CVE-2025-8234. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8233 | code-projects Online Ordering System 1.0 /admin/user.php un sql injection (EUVD-2025-22824)
1 week 6 days ago
A vulnerability has been found in code-projects Online Ordering System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/user.php. The manipulation of the argument un leads to sql injection.
This vulnerability is known as CVE-2025-8233. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-8232 | code-projects Online Ordering System 1.0 /admin/delete_user.php ID sql injection (EUVD-2025-22821)
1 week 6 days ago
A vulnerability, which was classified as critical, was found in code-projects Online Ordering System 1.0. Affected is an unknown function of the file /admin/delete_user.php. The manipulation of the argument ID leads to sql injection.
This vulnerability is traded as CVE-2025-8232. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com