6.5
CVE-2025-45490 -
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the password parameter.
9.8
CVE-2025-45491 -
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the runtime.ddnsStatus DynDNS function via the username parameter.
5.1
CVE-2023-33770 -
Real Estate Management System v1.0 was discovered to contain a SQL injection vulnerability via the message parameter at /contact.php.
6.5
CVE-2025-44900 -
In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function of the web url /goform/GetParentControlInfo, the manipulation of the parameter mac leads to stack overflow.
8.7
CVE-2025-4298 - Tenda AC1206 setcfm formSetCfm buffer overflow
A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has been declared as critical. This vulnerability affects the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publicβ¦
6.9
CVE-2025-4297 - PHPGurukul Men Salon Management System change-password.php sql injection
A vulnerability was found in PHPGurukul Men Salon Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/change-password.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed tβ¦
4.8
CVE-2025-4293 - MRCMS Group Edit Page edit.do cross site scripting
A vulnerability was found in MRCMS 3.1.3 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/group/edit.do of the component Group Edit Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been dβ¦
4.8
CVE-2025-4292 - MRCMS Edit User Page edit.do cross site scripting
A vulnerability has been found in MRCMS 3.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/user/edit.do of the component Edit User Page. The manipulation of the argument Username leads to cross site scripting. The attack can be launcheβ¦
5.3
CVE-2025-4291 - IdeaCMS saveUpload unrestricted upload
A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is the function saveUpload. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
6.9
CVE-2025-4290 - PCMan FTP Server SMNT Command buffer overflow
A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component SMNT Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the publiβ¦