5.1
CVE-2025-15241 - CloudPanel Community Edition HTTP Header users redirect
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack re…
8.1
CVE-2025-15103 - DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
9.1
CVE-2025-15102 - DVP-12SE11T - Password Protection Bypass
DVP-12SE11T - Password Protection Bypass
8.7
CVE-2025-15234 - Tenda M3 setInternetLanInfo formSetRemoteInternetLanInfo heap-based overflow
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the…
8.7
CVE-2025-15233 - Tenda M3 setAdInfoDetail formSetAdInfoDetails heap-based overflow
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemU…
5.1
CVE-2025-15355 - NetVision Information|ISOinsight - Reflected Cross-site Scripting
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
8.7
CVE-2025-15232 - Tenda M3 setAdPushInfo formSetAdPushInfo stack-based overflow
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit …
8.7
CVE-2025-15231 - Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflow
A vulnerability was determined in Tenda M3 1.0.0.13(4903). This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been public…
8.7
CVE-2025-15230 - Tenda M3 setVlanPolicyData formSetVlanPolicy heap-based overflow
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The …
6.9
CVE-2025-15229 - Tenda CH22 DhcpListClient fromDhcpListClient denial of service
A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosed…