9.3
CVE-2026-7125 - Totolink A8000RU CGI cstecgi.cgi setWiFiEasyCfg os command injection
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command injection. The attack may be initiated remotely. Thβ¦
9.3
CVE-2026-7124 - Totolink A8000RU CGI cstecgi.cgi setIpv6LanCfg os command injection
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument addrPrefixLen can lead to os command injection. The attack canβ¦
0.0
CVE-2026-7040 - Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have heap overflow when processing somβ¦
Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters. The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption. Note that the minify_utf8 function is an alias for minnify.
9.3
CVE-2026-7123 - Totolink A8000RU CGI cstecgi.cgi setIptvCfg os command injection
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command injection. The attack can be initiated remotely. The exploβ¦
9.3
CVE-2026-7122 - Totolink A8000RU CGI cstecgi.cgi setUPnPCfg os command injection
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the attack remotely. The exploβ¦
9.3
CVE-2026-7121 - Totolink A8000RU CGI cstecgi.cgi setWizardCfg os command injection
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possible to initiate the attack remotely. The exploit has β¦
8.7
CVE-2026-7119 - Tenda HG3 formCountrystr os command injection
A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injection. The attack may be performed from remote. The exploit is now public and may be used.
5.3
CVE-2026-7118 - code-projects Employee Management System cancel.php sql injection
A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argument id/token leads to sql injection. The attack is possible to be carried out remotely. The exploitβ¦
5.5
CVE-2026-5937 - Foxit PDF Editor/Reader's insufficient parameter validation leads to denial-of-service vulnerability
Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program to terminate.
5.5
CVE-2026-5938 - Foxit PDF Editor/Reader Infinite Loop Denial-of-Service Vulnerability
Improper control flow management allows a crafted document action chain to cause modal dialog reentry on the main thread, resulting in UI freeze and denial of service.