Aggregator

A vulnerability labeled as critical has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social_linked can lead to sql injection. This vulnerability is handled as CVE-2026-9364. The attack can be executed remotely. Additionally, an exploit exists.

Банальная оплошность уничтожила высокодоходную преступную схему.

A vulnerability identified as critical has been detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a manipulation of the argument method results in command injection. This vulnerability is known as CVE-2026-9363. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability categorized as critical has been discovered in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument max_Conn/timeOut leads to command injection. This vulnerability is traded as CVE-2026-9362. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Edimax EW-7438RPn 1.12. It has been rated as critical. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument submit-url causes command injection. This vulnerability appears as CVE-2026-9361. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Edimax EW-7438RPn 1.28a. It has been declared as critical. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The manipulation of the argument key1 results in buffer overflow. This vulnerability is reported as CVE-2026-9360. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Edimax EW-7438RPn 1.28a. It has been classified as critical. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/comd/initgain/txcck/txofdm leads to command injection. This vulnerability is documented as CVE-2026-9359. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #813133 / VDB-365327

看雪论坛作者ID：mxystery

历经一年筹备，第九届PANDA大会将于2026年7月13-14日在深圳举办。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

Submit #811554 / VDB-365326

Submit #811553 / VDB-365325

Submit #811552 / VDB-365324

Submit #811551 / VDB-365306

Submit #811544 / VDB-365323

Submit #811543 / VDB-365310

Submit #811542 / VDB-365308