Aggregator

Qilin

Dark Feed IO
1 month 2 weeks ago

You must login to view this content

cohenido

Qilin

Dark Feed IO
1 month 2 weeks ago

You must login to view this content

cohenido

Qilin

Dark Feed IO
1 month 2 weeks ago

You must login to view this content

cohenido

CVE-2026-3732 | Tenda F453 1.0.0.3 /goform/exeCommand strcpy cmdinput stack-based overflow (EUVD-2026-10235)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability has been found in Tenda F453 1.0.0.3 and classified as critical. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. This vulnerability is traded as CVE-2026-3732. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-3731 | libssh up to 0.11.3 SFTP Extension Name src/sftp.c sftp_extensions_get_name/sftp_extensions_get_data idx out-of-bounds (libssh-2026-sftp-extensions / EUVD-2026-10234)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability, which was classified as problematic, was found in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sftp_extensions_get_data of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. This vulnerability appears as CVE-2026-3731. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.
vuldb.com

CVE-2023-51321 | PHPJabbers Night Club Booking Software 1.0 Forgot Password denial of service (EUVD-2023-56042)

Vuldb Updates
1 month 2 weeks ago
A vulnerability described as problematic has been identified in PHPJabbers Night Club Booking Software 1.0. This affects an unknown function of the component Forgot Password Handler. Executing a manipulation can lead to denial of service. This vulnerability is tracked as CVE-2023-51321. The attack can be launched remotely. No exploit exists.
vuldb.com

CVE-2026-3730 | itsourcecode Free Hotel Reservation System 1.0 index.php?view=edit amen_id/rmtype_id sql injection (EUVD-2026-10233)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability, which was classified as critical, has been found in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/mod_amenities/index.php?view=edit. Performing a manipulation of the argument amen_id/rmtype_id results in sql injection. This vulnerability is reported as CVE-2026-3730. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

CVE-2026-3729 | Tenda F453 1.0.0.3/3.As /goform/PPTPDClient fromPptpUserAdd username/opttype stack-based overflow (EUVD-2026-10232)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability classified as critical was found in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. This vulnerability is documented as CVE-2026-3729. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com

CVE-2026-3728 | Tenda F453 1.0.0.3/1.If /goform/setcfm fromSetCfm funcname/funcpara1 stack-based overflow (EUVD-2026-10231)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability classified as critical has been found in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. This vulnerability is registered as CVE-2026-3728. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2026-3727 | Tenda F453 1.0.0.3 /goform/QuickIndex sub_3C6C0 mit_linktype/PPPOEPassword stack-based overflow (EUVD-2026-10230)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability described as critical has been identified in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2026-3727. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-3726 | Tenda F453 1.0.0.3 webExcptypemanFilter fromwebExcptypemanFilter page stack-based overflow (EUVD-2026-10229)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability marked as critical has been reported in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. This vulnerability is listed as CVE-2026-3726. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

CVE-2026-3725 | 1024-lab/lab1024 SmartAdmin up to 3.29 FreeMarker Template MailService.java freemarkerResolverContent template_content special elements used in a template engine (EUVD-2026-10228)

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability labeled as critical has been found in 1024-lab/lab1024 SmartAdmin up to 3.29. Affected by this issue is the function freemarkerResolverContent of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/mail/MailService.java of the component FreeMarker Template Handler. Executing a manipulation of the argument template_content can lead to improper neutralization of special elements used in a template engine. This vulnerability is tracked as CVE-2026-3725. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Managed ad