Aggregator

Submit #749800 / VDB-344894

A vulnerability, which was classified as critical, was found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /ramonsys/user/controller.php. The manipulation of the argument ID results in sql injection. This vulnerability is reported as CVE-2026-2190. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability, which was classified as critical, has been found in itsourcecode School Management System 1.0. This affects an unknown function of the file /ramonsys/report/index.php. The manipulation of the argument ay leads to sql injection. This vulnerability is documented as CVE-2026-2189. The attack can be initiated remotely. Additionally, an exploit exists.

Submit #749786 / VDB-177391

A vulnerability classified as critical was found in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. This vulnerability is registered as CVE-2026-2188. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Submit #749783 / VDB-344893

A vulnerability classified as critical has been found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2026-2187. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. This vulnerability is listed as CVE-2026-2186. The attack may be performed from remote. In addition, an exploit is available.

Submit #749747 / VDB-344775

Submit #749746 / VDB-344892

Submit #749733 / VDB-344891

Submit #749721 / VDB-344890

Submit #749718 / VDB-344889

Почему формула 1877 года побеждает все современные теории.

Experts Advise Moving From Verifying Identities to Knowing Agent Intentions
Financial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But agents are creating a "dual authentication crisis" that traditional security frameworks cannot address.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

A vulnerability was found in Rockwellautomation Studio 5000 Logix Designer 30.01.00. It has been declared as problematic. This affects an unknown function of the file C:\Program Files (x86)\Rockwell Software\FactoryTalk Activation\ of the component FactoryTalk Activation Service. Such manipulation leads to unquoted search path. This vulnerability is uniquely identified as CVE-2019-25276. Local access is required to approach this attack. Moreover, an exploit is present.

A vulnerability was found in ncp-e NCP_Secure_Entry_Client 9.2x. It has been rated as problematic. This impacts an unknown function of the component Windows Service. Performing a manipulation results in unquoted search path. This vulnerability was named CVE-2019-25281. The attack needs to be approached locally. In addition, an exploit is available.

A vulnerability categorized as problematic has been discovered in Shrew Soft VPN Client 2.2.2. Affected is an unknown function. Executing a manipulation can lead to unquoted search path. The identification of this vulnerability is CVE-2019-25283. The attack can only be executed locally. Furthermore, there is an exploit available.