Tenda AC15 router has a code injection in formsetUsbUnload (EPSS 1.7%) enabling unauthenticated remote code execution.
Tenda AC15 router has a command injection in formSetIptv (EPSS 1.1%) enabling unauthenticated root-level code execution.
Tenda W20E router has a code injection vulnerability in usbPartitionName parameter allowing unauthenticated remote code execution with EPSS 1.1%.
Chamilo LMS prior to 1.11.28 has a code injection through SOAP request parameters enabling remote code execution.
Twenty CRM v1.15.0 has a code injection vulnerability enabling remote attackers to execute arbitrary code through the CRM platform.
Tenda W20E has a ninth buffer overflow in yet another CGI endpoint.
Tenda W20E has an eighth buffer overflow in addDhcpRules parameter.
Tenda W20E has a seventh buffer overflow in gstup parameter handling.
Tenda W20E has a sixth buffer overflow in pPortMapIndex parameter validation.
Tenda W20E has a fifth buffer overflow.
Tenda W20E has a fourth buffer overflow vulnerability.
Tenda W20E has a third buffer overflow in a different CGI parameter.
Tenda W20E has a buffer overflow — second of eight critical vulnerabilities in this router firmware.
Simple Food Order System v1.0 has SQL injection in cancel-order.
Simple Food Order System v1.0 has SQL injection in view-ticket-admin.
Simple Food Order System v1.0 has SQL injection in view-ticket.
Simple Food Order System v1.0 has SQL injection in edit-order.
Simple Gym Management System v1.0 has SQL injection in trainer search.
Pharmacy POS has a fifth SQL injection in view_sales.
Pharmacy POS has a fourth SQL injection in view_reports.
Pharmacy POS has a third SQL injection in view_products.
Pharmacy POS has a second SQL injection in view_categories.
Pharmacy Point of Sale System v1.0 has SQL injection in manage endpoints.
Personnel Property Equipment System has a fourth SQL injection.
Personnel Property Equipment System v1.0 has a third SQL injection.
Personnel Property Equipment System v1.0 has a second SQL injection in a different admin endpoint.
Personnel Property Equipment System v1.0 has SQL injection in admin panel.
Simple Student Alumni System v1.0 has a third SQL injection.
Simple Student Alumni System v1.0 has SQL injection in record_search.php.
Simple Student Alumni System v1.0 has SQL injection in modal_view.php.
Chamilo LMS prior to 1.11.30 has a time-based SQL injection in a different endpoint, providing an additional database extraction vector.
Chamilo LMS prior to 1.11.30 has an error-based SQL injection enabling database extraction.
Chamilo LMS prior to 1.11.30 has a blind SSRF vulnerability enabling internal network reconnaissance from the learning platform.
U-Office Force by e-Excellence has an insecure deserialization vulnerability allowing unauthenticated remote code execution.
DobryCMS has an unauthenticated file upload vulnerability allowing remote attackers to upload and execute arbitrary files on the web server.
IDExpert Windows Logon Agent has a second RCE vulnerability through another unsigned code download path.
IDExpert Windows Logon Agent by Changing has an RCE vulnerability through download of code without integrity check, allowing malicious update injection.
Chamilo LMS prior to 1.11.30 has an insecure deserialization vulnerability enabling remote code execution through crafted serialized data.
Android has a heap buffer overflow in multiple locations enabling privilege escalation through out-of-bounds read and write operations.
SimStudio below 0.5.74 has a missing authorization on MongoDB tool endpoints that allows attackers to execute arbitrary MongoDB operations.
In the endpoints "/cgi-bin/CliniNET.prd/utils/usrlogstat_simple.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", "/cgi-bin/CliniNET.prd/utils/userlogstat2.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl", the parameters are not sufficiently normalized, which enables code injection.
SQL injection in the authentication module of CISER System SL firmware allows unauthenticated remote attackers to compromise stored configuration data by submitting crafted SQL through the login interface. The CVSS 4.0 base score of 9.3 reflects network-reachable, no-privilege, no-interaction exploitation with high confidentiality and integrity impact, though EPSS remains low at 0.36% and no public exploit identified at time of analysis. The advisory was coordinated by INCIBE-CERT (Spain).
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path resulting in Blind SQL Injection.
SimStudio has a second authorization flaw in the OAuth token endpoint that allows privilege escalation through crafted token requests.
Android MmsProvider has a vulnerability allowing arbitrary file deletion through improper handling of MMS data, potentially causing data loss on mobile devices.
The vulnerability enables an attacker to fully bypass authentication in CGM CLININET and gain access to any active user account by supplying only the username, without requiring a password or any other credentials.