Aggregator

Submit #506066 / VDB-298123

A vulnerability was found in Tenda AC8 16.03.34.06 and classified as critical. This issue affects the function sub_49E098 of the file /goform/SetIpMacBind of the component Parameter Handler. The manipulation of the argument list leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-1853. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #506053 / VDB-298122

Submit #505693 / VDB-231100

A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. This vulnerability was named CVE-2025-1852. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #505459 / VDB-296572

Submit #505398 / VDB-237953

Submit #505374 / VDB-298121

A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-1851. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #505362 / VDB-298120

Submit #505273 / VDB-230629

Submit #505271 / VDB-298119

Submit #505046 / VDB-178795

A vulnerability, which was classified as critical, has been found in Codezips College Management System 1.0. Affected by this issue is some unknown functionality of the file /university.php. The manipulation of the argument book_name leads to sql injection. This vulnerability is handled as CVE-2025-1850. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #511626 / VDB-298118

A vulnerability was found in Compaq Tru64. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component dxterm. The manipulation of the argument -xrm leads to memory corruption. This vulnerability is known as CVE-2002-1129. Attacking locally is a requirement. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Sympies Wordpress Survey And Poll 1.1.7. This issue affects the function ajax_survey of the file settings.php of the component admin/. The manipulation of the argument survey_id leads to sql injection. The identification of this vulnerability is CVE-2015-2090. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Oracle Database Server. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was named CVE-2006-7141. The attack can be initiated remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.

A vulnerability was found in ol-commerce 2.1.1. It has been declared as critical. This vulnerability affects unknown code of the file affiliate_signup.php. The manipulation of the argument entry_country_id leads to sql injection. This vulnerability was named CVE-2014-5104. The attack can be initiated remotely. Furthermore, there is an exploit available.