8.8
CVE-2025-4387 - Abandoned Cart Pro for WooCommerce <= 9.16.0 - Authenticated (Subscriber+) Arbitrary File Upload
The Abandoned Cart Pro for WooCommerce plugin contains an authenticated arbitrary file upload vulnerability due to missing file type validation in the wcap_add_to_cart_popup_upload_files function in all versions up to, and including, 9.16.0. This makes it possible for an authenticated attacker, witโฆ
4.3
CVE-2025-5925 - Bunnyโs Print CSS <= 0.95 - Cross-Site Request Forgery to Settings Update
The Bunnyโs Print CSS plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.95. This is due to missing or incorrect nonce validation on the pcss_options_subpanel() function. This makes it possible for unauthenticated attackers to update settings viโฆ
8.7
CVE-2025-5934 - Netgear EX3700 mtd sub_41619C stack-based overflow
A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It has been classified as critical. Affected is the function sub_41619C of the file /mtd. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public andโฆ
6.9
CVE-2025-5913 - PHPGurukul Vehicle Record Management System search-vehicle.php sql injection
A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotelโฆ
8.7
CVE-2025-5912 - D-Link DIR-632 HTTP POST Request do_file stack-based overflow
A vulnerability was found in D-Link DIR-632 FW103B08. It has been declared as critical. This vulnerability affects the function do_file of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclโฆ
8.7
CVE-2025-5911 - TOTOLINK EX1200T HTTP POST Request formDMZ buffer overflow
A vulnerability was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formDMZ of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be launched rโฆ
8.7
CVE-2025-5910 - TOTOLINK EX1200T HTTP POST Request formWsc buffer overflow
A vulnerability has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can beโฆ
8.7
CVE-2025-5909 - TOTOLINK EX1200T HTTP POST Request formReflashClientTbl buffer overflow
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. It is possible to launch theโฆ
8.7
CVE-2025-5908 - TOTOLINK EX1200T HTTP POST Request formIpQoS buffer overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiโฆ
8.7
CVE-2025-5907 - TOTOLINK EX1200T HTTP POST Request formFilter buffer overflow
A vulnerability classified as critical was found in TOTOLINK EX1200T up to 4.1.2cu.5232_B20210713. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The โฆ