5.3
CVE-2025-11098 - D-Link DIR-823X set_wifi_blacklists command injection
A vulnerability was found in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_wifi_blacklists. The manipulation of the argument macList results in command injection. The attack may be performed from remote. The exploit has been made public and could be useβ¦
5.3
CVE-2025-11097 - D-Link DIR-823X set_device_name command injection
A vulnerability has been found in D-Link DIR-823X 250416. Impacted is an unknown function of the file /goform/set_device_name. The manipulation of the argument mac leads to command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be β¦
5.3
CVE-2025-11096 - D-Link DIR-823X diag_traceroute command injection
A flaw has been found in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/diag_traceroute. Executing manipulation of the argument target_addr can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used.
5.3
CVE-2025-11095 - D-Link DIR-823X delete_offline_device command injection
A vulnerability was detected in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/delete_offline_device. Performing manipulation of the argument delvalue results in command injection. Remote exploitation of the attack is possible. The exploit is now public and may β¦
6.9
CVE-2025-11094 - code-projects E-Commerce Website admin_product_details.php sql injection
A security vulnerability has been detected in code-projects E-Commerce Website 1.0. This affects an unknown part of the file /pages/admin_product_details.php. Such manipulation of the argument prod_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicβ¦
5.3
CVE-2025-11092 - D-Link DIR-823X set_switch_settings sub_412E7C command injection
A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_switch_settings. This manipulation of the argument port causes command injection. The attack may be initiated remotely. The exploit has been made available to the publβ¦
8.7
CVE-2025-11091 - Tenda AC21 SetStaticRouteCfg sscanf buffer overflow
A security flaw has been discovered in Tenda AC21 up to 16.03.08.16. Affected by this vulnerability is the function sscanf of the file /goform/SetStaticRouteCfg. The manipulation of the argument list results in buffer overflow. The attack can be launched remotely. The exploit has been released to tβ¦
5.3
CVE-2025-11090 - itsourcecode Open Source Job Portal index.php sql injection
A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected is an unknown function of the file /admin/employee/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might bβ¦
6.9
CVE-2025-11089 - kidaze CourseSelectionSystem COUNT3s4.php sql injection
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This impacts an unknown function of the file /Profilers/PriProfile/COUNT3s4.php. Executing manipulation of the argument cbranch can lead to sql injection. It is possible to launch the attaβ¦
5.3
CVE-2025-11088 - itsourcecode Open Source Job Portal index.php sql injection
A weakness has been identified in itsourcecode Open Source Job Portal 1.0. Impacted is an unknown function of the file /admin/vacancy/index.php?view=edit. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been made available toβ¦