Command injection in TOTOLINK T6 firmware 4.1.5cu.748 allows authenticated remote attackers to execute arbitrary commands via the ckeckKeepAlive function in the MQTT Packet Handler component (wireless.so). The vulnerability requires valid user credentials and network access but results only in low confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the CVSS 2.1 score and EPSS 3.01% indicate low practical exploitation probability despite public disclosure.
Improper authorization in jshERP up to version 3.5 allows authenticated remote attackers to modify or delete user accounts via manipulation of the ID parameter in the /user/delete endpoint, potentially resulting in unauthorized account manipulation and information disclosure. Publicly available exploit code exists for this vulnerability.
Reflected cross-site scripting (XSS) in PHPGurukul Apartment Visitors Management System 1.0 allows remote attackers to inject malicious scripts via the searchdata parameter in /search-visitor.php. The vulnerability requires user interaction (clicking a malicious link) but enables session hijacking, credential theft, and malware distribution. Publicly available exploit code exists; however, the low EPSS score (0.07%) and minimal scope impact suggest limited real-world exploitation pressure despite public disclosure.
Weak password recovery in jshERP up to version 3.5 allows authenticated remote attackers to compromise user accounts via the /jshERP-boot/user/updatePwd endpoint. The vulnerability enables password reset functionality without adequate protection mechanisms, classified as problematic with CVSS 2.1 and EPSS 0.06%. Publicly available exploit code exists but active exploitation remains unconfirmed.
SQL injection in Food Ordering Review System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the reg_Id parameter in /user/reservation_page.php, with publicly available exploit code disclosed but low real-world exploitation risk due to CVSS 2.1 score, authentication requirement, and limited confidentiality impact.
Open redirect vulnerability in Sanluan PublicCMS up to version 5.202506.a allows authenticated remote attackers with low privileges to redirect users to arbitrary external URLs via manipulation of the url parameter in the admin preview functionality. The vulnerability requires user interaction (clicking a malicious link) and impacts integrity but not confidentiality or availability. Publicly available exploit code exists, and vendor patches are available.
Open redirect vulnerability in Sanluan PublicCMS up to version 5.202506.a allows authenticated remote attackers to redirect users to arbitrary URLs via manipulation of the File parameter in the PDF.js viewer component, requiring user interaction to trigger the redirect. The vulnerability has publicly available exploit code and affects the PDF viewer resource file, though real-world impact is limited by the requirement for prior authentication and user click interaction.
Reflected cross-site scripting in Public Chat Room 1.0 allows authenticated remote attackers to inject malicious scripts via the chat_msg or your_name parameters in /send_message.php, requiring user interaction to trigger payload execution. The vulnerability has a low CVSS score (2.0) and EPSS exploitation probability (0.05th percentile), but publicly available exploit code exists, limiting attack complexity for threat actors with valid credentials.
Uninitialized variable in libssh's privatekey_from_file() function can cause heap corruption or signing failures when a non-existent key file is specified, allowing local authenticated attackers to trigger memory corruption with potential for information disclosure. CVSS 3.6 reflects local attack vector and high complexity; exploitation requires authenticated access and specific file conditions.