4.8
CVE-2026-2934 - YiFang CMS Extended Management D_friendLinkGroup.php update cross site scripting
A security vulnerability has been detected in YiFang CMS up to 2.0.5. This impacts the function update of the file app/db/admin/D_friendLinkGroup.php of the component Extended Management Module. The manipulation of the argument Name leads to cross site scripting. It is possible to initiate the attaβ¦
4.8
CVE-2026-2933 - YiFang CMS Extended Management D_adManage.php update cross site scripting
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/D_adManage.php of the component Extended Management Module. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. Thβ¦
4.8
CVE-2026-2932 - YiFang CMS Extended Management D_adPosition.php update cross site scripting
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/D_adPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is possiβ¦
5.3
CVE-2026-2930 - Tenda A18 Httpd Service UploadCfg webCgiGetUploadFile stack-based overflow
A vulnerability was identified in Tenda A18 15.13.07.13. The affected element is the function webCgiGetUploadFile of the file /cgi-bin/UploadCfg of the component Httpd Service. Such manipulation of the argument boundary leads to stack-based buffer overflow. The attack can be executed remotely. The β¦
4.3
CVE-2026-1369 - Conditional CAPTCHA <= 4.0.0 - Open Redirect
The Conditional CAPTCHA WordPress plugin through 4.0.0 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue
8.7
CVE-2026-2929 - D-Link DWR-M960 Wireless Access Control Endpoint formWlAc sub_453140 stack-based overflow
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is possibβ¦
8.7
CVE-2026-2928 - D-Link DWR-M960 WLAN Encryption Configuration Endpoint formWlEncrypt sub_452CCC stack-based overflow
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be launched β¦
8.7
CVE-2026-2927 - D-Link DWR-M960 Operation Mode Configuration Endpoint formOpMode sub_462590 stack-based overflow
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack may be inβ¦
8.7
CVE-2026-2926 - D-Link DWR-M960 LTE Configuration Endpoint formLteSetup sub_4237AC stack-based overflow
A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The β¦
8.7
CVE-2026-2925 - D-Link DWR-M960 Bridge VLAN Configuration Endpoint formBridgeVlan sub_42B5A0 stack-based overflow
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack β¦