Aggregator

CVE-2026-5020 | Totolink A3600R 4.1.2cu.5182_B20201102 Parameter /cgi-bin/cstecgi.cgi setNoticeCfg NoticeUrl command injection

VulDB Recent Entries
6 days 11 hours ago
A vulnerability described as critical has been identified in Totolink A3600R 4.1.2cu.5182_B20201102. Affected by this issue is the function setNoticeCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. The manipulation of the argument NoticeUrl results in command injection. This vulnerability is cataloged as CVE-2026-5020. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-5019 | code-projects Simple Food Order System 1.0 Parameter all-orders.php Status sql injection

VulDB Recent Entries
6 days 11 hours ago
A vulnerability marked as critical has been reported in code-projects Simple Food Order System 1.0. Affected by this vulnerability is an unknown functionality of the file all-orders.php of the component Parameter Handler. The manipulation of the argument Status leads to sql injection. This vulnerability is listed as CVE-2026-5019. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

CVE-2026-5018 | code-projects Simple Food Order System 1.0 Parameter register-router.php Name sql injection

VulDB Recent Entries
6 days 11 hours ago
A vulnerability labeled as critical has been found in code-projects Simple Food Order System 1.0. Affected is an unknown function of the file register-router.php of the component Parameter Handler. Executing a manipulation of the argument Name can lead to sql injection. This vulnerability is tracked as CVE-2026-5018. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

CVE-2026-5017 | code-projects Simple Food Order System 1.0 Parameter /all-tickets.php Status sql injection

VulDB Recent Entries
6 days 11 hours ago
A vulnerability identified as critical has been detected in code-projects Simple Food Order System 1.0. This impacts an unknown function of the file /all-tickets.php of the component Parameter Handler. Performing a manipulation of the argument Status results in sql injection. This vulnerability is identified as CVE-2026-5017. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

Managed ad