5.3
CVE-2025-15220 - SohuTV CacheCloud LoginController.java init cross site scripting
A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launched remotely. The exploit is now public and may be useβ¦
5.1
CVE-2025-15219 - SohuTV CacheCloud MachineManageController.java doPodList cross site scripting
A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation leads to cross site scripting. The attack may be initiatβ¦
8.7
CVE-2025-15218 - Tenda AC10U POST Request Parameter AdvSetLanip fromadvsetlanip buffer overflow
A weakness has been identified in Tenda AC10U 15.03.06.48/15.03.06.49. Affected by this vulnerability is the function fromadvsetlanip of the file /goform/AdvSetLanip of the component POST Request Parameter Handler. Executing a manipulation of the argument lanMask can lead to buffer overflow. The atβ¦
8.7
CVE-2025-15217 - Tenda AC23 HTTP POST Request formSetPPTPUserList buffer overflow
A security flaw has been discovered in Tenda AC23 16.03.07.52. Affected is the function formSetPPTPUserList of the component HTTP POST Request Handler. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely.
8.7
CVE-2025-15216 - Tenda AC23 SetIpMacBind fromSetIpMacBind stack-based overflow
A vulnerability was identified in Tenda AC23 16.03.07.52. This impacts the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument bindnum leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and β¦
8.7
CVE-2025-15215 - Tenda AC10U HTTP POST Request setPptpUserList formSetPPTPUserList buffer overflow
A vulnerability was determined in Tenda AC10U 15.03.06.48/15.03.06.49. This affects the function formSetPPTPUserList of the file /goform/setPptpUserList of the component HTTP POST Request Handler. This manipulation of the argument list causes buffer overflow. It is possible to initiate the attack rβ¦
4.8
CVE-2025-15214 - Campcodes Park Ticketing System admin_class.php save_pricing cross site scripting
A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and β¦
7.5
CVE-2025-69235 -
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.
9.1
CVE-2025-69234 -
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.
5.3
CVE-2025-15213 - code-projects Student File Management System File Download download.php improper authorization
A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument store_id leads to improper authorization. The attack is possible to be cβ¦