Search criteria
11784 vulnerabilities
CVE-2025-15506 (GCVE-0-2025-15506)
Vulnerability from cvelistv5 – Published: 2026-01-11 11:02 – Updated: 2026-01-11 11:02 X_Open Source
VLAI?
Title
AcademySoftwareFoundation OpenColorIO FileRules.cpp ConvertToRegularExpression out-of-bounds
Summary
A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| AcademySoftwareFoundation | OpenColorIO |
Affected:
2.0
Affected: 2.1 Affected: 2.2 Affected: 2.3 Affected: 2.4 Affected: 2.5.0 |
Credits
Oneafter (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "OpenColorIO",
"vendor": "AcademySoftwareFoundation",
"versions": [
{
"status": "affected",
"version": "2.0"
},
{
"status": "affected",
"version": "2.1"
},
{
"status": "affected",
"version": "2.2"
},
{
"status": "affected",
"version": "2.3"
},
{
"status": "affected",
"version": "2.4"
},
{
"status": "affected",
"version": "2.5.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Oneafter (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in AcademySoftwareFoundation OpenColorIO up to 2.5.0. This issue affects the function ConvertToRegularExpression of the file src/OpenColorIO/FileRules.cpp. Performing a manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is named ebdbb75123c9d5f4643e041314e2bc988a13f20d. To fix this issue, it is recommended to deploy a patch. The fix was added to the 2.5.1 milestone."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "Out-of-Bounds Read",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T11:02:09.187Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340444 | AcademySoftwareFoundation OpenColorIO FileRules.cpp ConvertToRegularExpression out-of-bounds",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340444"
},
{
"name": "VDB-340444 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340444"
},
{
"name": "Submit #733332 | AcademySoftwareFoundation OpenColorIO 1d77ecd Out-of-Bounds Read",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733332"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/AcademySoftwareFoundation/OpenColorIO/issues/2228"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/AcademySoftwareFoundation/OpenColorIO/pull/2231"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/oneafter/1225/blob/main/uaf"
},
{
"tags": [
"patch"
],
"url": "https://github.com/cozdas/OpenColorIO/commit/ebdbb75123c9d5f4643e041314e2bc988a13f20d"
},
{
"tags": [
"patch"
],
"url": "https://github.com/AcademySoftwareFoundation/OpenColorIO/milestone/11"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T19:26:03.000Z",
"value": "VulDB entry last update"
}
],
"title": "AcademySoftwareFoundation OpenColorIO FileRules.cpp ConvertToRegularExpression out-of-bounds"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15506",
"datePublished": "2026-01-11T11:02:09.187Z",
"dateReserved": "2026-01-10T18:20:54.803Z",
"dateUpdated": "2026-01-11T11:02:09.187Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0843 (GCVE-0-2026-0843)
Vulnerability from cvelistv5 – Published: 2026-01-11 09:02 – Updated: 2026-01-11 09:02
VLAI?
Title
jiujiujia/victor123/wxw850227 jjjfood/jjjshop_food index sql injection
Summary
A vulnerability has been found in jiujiujia/victor123/wxw850227 jjjfood and jjjshop_food up to 20260103. This vulnerability affects unknown code of the file /index.php/api/product.category/index. Such manipulation of the argument latitude leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under multiple different names. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| jiujiujia | jjjfood |
Affected:
20260103
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
Credits
BadKitty (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "jjjfood",
"vendor": "jiujiujia",
"versions": [
{
"status": "affected",
"version": "20260103"
}
]
},
{
"product": "jjjshop_food",
"vendor": "jiujiujia",
"versions": [
{
"status": "affected",
"version": "20260103"
}
]
},
{
"product": "jjjfood",
"vendor": "victor123",
"versions": [
{
"status": "affected",
"version": "20260103"
}
]
},
{
"product": "jjjshop_food",
"vendor": "victor123",
"versions": [
{
"status": "affected",
"version": "20260103"
}
]
},
{
"product": "jjjfood",
"vendor": "wxw850227",
"versions": [
{
"status": "affected",
"version": "20260103"
}
]
},
{
"product": "jjjshop_food",
"vendor": "wxw850227",
"versions": [
{
"status": "affected",
"version": "20260103"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "BadKitty (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in jiujiujia/victor123/wxw850227 jjjfood and jjjshop_food up to 20260103. This vulnerability affects unknown code of the file /index.php/api/product.category/index. Such manipulation of the argument latitude leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under multiple different names. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T09:02:05.907Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340443 | jiujiujia/victor123/wxw850227 jjjfood/jjjshop_food index sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340443"
},
{
"name": "VDB-340443 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340443"
},
{
"name": "Submit #731001 | https://www.jiujiujia.net/ PHP-based Three-Dot Ordering System Vulnerable to SQL Injection lasest SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.731001"
},
{
"tags": [
"exploit"
],
"url": "http://101.200.76.102:38765/qwertyuiop/qwsdfvbnm/1/vuldb/JJJshop/EnglishVers%E4%B8%89%E5%8B%BE%E7%82%B9%E9%A4%90%E7%B3%BB%E7%BB%9FPHP%E7%89%88%E5%AD%98%E5%9C%A8product.category.indexSQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.pdf"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T11:07:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "jiujiujia/victor123/wxw850227 jjjfood/jjjshop_food index sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0843",
"datePublished": "2026-01-11T09:02:05.907Z",
"dateReserved": "2026-01-10T10:02:26.170Z",
"dateUpdated": "2026-01-11T09:02:05.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0842 (GCVE-0-2026-0842)
Vulnerability from cvelistv5 – Published: 2026-01-11 08:02 – Updated: 2026-01-11 08:02
VLAI?
Title
Flycatcher Toys smART Sketcher Bluetooth Low Energy missing authentication
Summary
A flaw has been found in Flycatcher Toys smART Sketcher up to 2.0. This affects an unknown part of the component Bluetooth Low Energy Interface. This manipulation causes missing authentication. The attack can only be done within the local network. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Flycatcher Toys | smART Sketcher |
Affected:
2.0
|
Credits
davidrochester (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"modules": [
"Bluetooth Low Energy Interface"
],
"product": "smART Sketcher",
"vendor": "Flycatcher Toys",
"versions": [
{
"status": "affected",
"version": "2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "davidrochester (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in Flycatcher Toys smART Sketcher up to 2.0. This affects an unknown part of the component Bluetooth Low Energy Interface. This manipulation causes missing authentication. The attack can only be done within the local network. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "Missing Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T08:02:06.221Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340442 | Flycatcher Toys smART Sketcher Bluetooth Low Energy missing authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.340442"
},
{
"name": "VDB-340442 | CTI Indicators (IOB, IOC)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340442"
},
{
"name": "Submit #729134 | Flycatcher Toys smART Sketcher 2.0 0/1/2 Missing Authentication for Critical Function",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729134"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/davidrxchester/smart-sketcher-upload/blob/main/smartsketch-upload.py"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:58:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "Flycatcher Toys smART Sketcher Bluetooth Low Energy missing authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0842",
"datePublished": "2026-01-11T08:02:06.221Z",
"dateReserved": "2026-01-10T09:52:57.730Z",
"dateUpdated": "2026-01-11T08:02:06.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0841 (GCVE-0-2026-0841)
Vulnerability from cvelistv5 – Published: 2026-01-11 07:32 – Updated: 2026-01-11 07:32
VLAI?
Title
UTT 进取 520W formPictureUrl strcpy buffer overflow
Summary
A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
GUOTINGTING (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "\u8fdb\u53d6 520W",
"vendor": "UTT",
"versions": [
{
"status": "affected",
"version": "1.7.7-180627"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "GUOTINGTING (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in UTT \u8fdb\u53d6 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl results in buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T07:32:07.736Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340441 | UTT \u8fdb\u53d6 520W formPictureUrl strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340441"
},
{
"name": "VDB-340441 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340441"
},
{
"name": "Submit #729030 | UTT \u8fdb\u53d6 520W v3v1.7.7-180627 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729030"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/GUOTINGTING2297/cve/blob/main/1234/31.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:56:04.000Z",
"value": "VulDB entry last update"
}
],
"title": "UTT \u8fdb\u53d6 520W formPictureUrl strcpy buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0841",
"datePublished": "2026-01-11T07:32:07.736Z",
"dateReserved": "2026-01-10T09:50:50.309Z",
"dateUpdated": "2026-01-11T07:32:07.736Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0840 (GCVE-0-2026-0840)
Vulnerability from cvelistv5 – Published: 2026-01-11 06:32 – Updated: 2026-01-11 06:32
VLAI?
Title
UTT 进取 520W formConfigNoticeConfig strcpy buffer overflow
Summary
A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
GUOTINGTING (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "\u8fdb\u53d6 520W",
"vendor": "UTT",
"versions": [
{
"status": "affected",
"version": "1.7.7-180627"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "GUOTINGTING (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security vulnerability has been detected in UTT \u8fdb\u53d6 520W 1.7.7-180627. Affected by this vulnerability is the function strcpy of the file /goform/formConfigNoticeConfig. The manipulation of the argument timestart leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T06:32:06.734Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340440 | UTT \u8fdb\u53d6 520W formConfigNoticeConfig strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340440"
},
{
"name": "VDB-340440 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340440"
},
{
"name": "Submit #729029 | UTT \u8fdb\u53d6 520W v3v1.7.7-180627 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729029"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/GUOTINGTING2297/cve/blob/main/1234/30.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:56:02.000Z",
"value": "VulDB entry last update"
}
],
"title": "UTT \u8fdb\u53d6 520W formConfigNoticeConfig strcpy buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0840",
"datePublished": "2026-01-11T06:32:06.734Z",
"dateReserved": "2026-01-10T09:50:47.359Z",
"dateUpdated": "2026-01-11T06:32:06.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0839 (GCVE-0-2026-0839)
Vulnerability from cvelistv5 – Published: 2026-01-11 06:02 – Updated: 2026-01-11 06:02
VLAI?
Title
UTT 进取 520W APSecurity strcpy buffer overflow
Summary
A weakness has been identified in UTT 进取 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
GUOTINGTING (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "\u8fdb\u53d6 520W",
"vendor": "UTT",
"versions": [
{
"status": "affected",
"version": "1.7.7-180627"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "GUOTINGTING (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A weakness has been identified in UTT \u8fdb\u53d6 520W 1.7.7-180627. Affected is the function strcpy of the file /goform/APSecurity. Executing a manipulation of the argument wepkey1 can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T06:02:05.798Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340439 | UTT \u8fdb\u53d6 520W APSecurity strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340439"
},
{
"name": "VDB-340439 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340439"
},
{
"name": "Submit #729028 | UTT \u8fdb\u53d6 520W v3v1.7.7-180627 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729028"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/GUOTINGTING2297/cve/blob/main/1234/29.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:56:00.000Z",
"value": "VulDB entry last update"
}
],
"title": "UTT \u8fdb\u53d6 520W APSecurity strcpy buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0839",
"datePublished": "2026-01-11T06:02:05.798Z",
"dateReserved": "2026-01-10T09:50:44.665Z",
"dateUpdated": "2026-01-11T06:02:05.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0838 (GCVE-0-2026-0838)
Vulnerability from cvelistv5 – Published: 2026-01-11 05:32 – Updated: 2026-01-11 05:32
VLAI?
Title
UTT 进取 520W ConfigWirelessBase strcpy buffer overflow
Summary
A security flaw has been discovered in UTT 进取 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
Lena-lyy02 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "\u8fdb\u53d6 520W",
"vendor": "UTT",
"versions": [
{
"status": "affected",
"version": "1.7.7-180627"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Lena-lyy02 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in UTT \u8fdb\u53d6 520W 1.7.7-180627. This impacts the function strcpy of the file /goform/ConfigWirelessBase. Performing a manipulation of the argument ssid results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T05:32:06.225Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340438 | UTT \u8fdb\u53d6 520W ConfigWirelessBase strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340438"
},
{
"name": "VDB-340438 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340438"
},
{
"name": "Submit #729020 | UTT \u8fdb\u53d6 520W v3v1.7.7-180627 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729020"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Lena-lyy/cve/blob/main/1223/28.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:55:58.000Z",
"value": "VulDB entry last update"
}
],
"title": "UTT \u8fdb\u53d6 520W ConfigWirelessBase strcpy buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0838",
"datePublished": "2026-01-11T05:32:06.225Z",
"dateReserved": "2026-01-10T09:50:41.818Z",
"dateUpdated": "2026-01-11T05:32:06.225Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0837 (GCVE-0-2026-0837)
Vulnerability from cvelistv5 – Published: 2026-01-11 05:02 – Updated: 2026-01-11 05:02
VLAI?
Title
UTT 进取 520W formFireWall strcpy buffer overflow
Summary
A vulnerability was identified in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
Lena-lyy02 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "\u8fdb\u53d6 520W",
"vendor": "UTT",
"versions": [
{
"status": "affected",
"version": "1.7.7-180627"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Lena-lyy02 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in UTT \u8fdb\u53d6 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T05:02:06.048Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340437 | UTT \u8fdb\u53d6 520W formFireWall strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340437"
},
{
"name": "VDB-340437 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340437"
},
{
"name": "Submit #729019 | UTT \u8fdb\u53d6 520W v3v1.7.7-180627 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729019"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Lena-lyy/cve/blob/main/1223/27.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:55:57.000Z",
"value": "VulDB entry last update"
}
],
"title": "UTT \u8fdb\u53d6 520W formFireWall strcpy buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0837",
"datePublished": "2026-01-11T05:02:06.048Z",
"dateReserved": "2026-01-10T09:50:39.186Z",
"dateUpdated": "2026-01-11T05:02:06.048Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0836 (GCVE-0-2026-0836)
Vulnerability from cvelistv5 – Published: 2026-01-11 04:32 – Updated: 2026-01-11 04:32
VLAI?
Title
UTT 进取 520W formConfigFastDirectionW strcpy buffer overflow
Summary
A vulnerability was determined in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
Lena-lyy02 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "\u8fdb\u53d6 520W",
"vendor": "UTT",
"versions": [
{
"status": "affected",
"version": "1.7.7-180627"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Lena-lyy02 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in UTT \u8fdb\u53d6 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW. This manipulation of the argument ssid causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T04:32:06.535Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340436 | UTT \u8fdb\u53d6 520W formConfigFastDirectionW strcpy buffer overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340436"
},
{
"name": "VDB-340436 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340436"
},
{
"name": "Submit #729018 | UTT \u8fdb\u53d6 520W v3v1.7.7-180627 Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.729018"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Lena-lyy/cve/blob/main/1223/26.md"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:55:55.000Z",
"value": "VulDB entry last update"
}
],
"title": "UTT \u8fdb\u53d6 520W formConfigFastDirectionW strcpy buffer overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0836",
"datePublished": "2026-01-11T04:32:06.535Z",
"dateReserved": "2026-01-10T09:50:30.695Z",
"dateUpdated": "2026-01-11T04:32:06.535Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15505 (GCVE-0-2025-15505)
Vulnerability from cvelistv5 – Published: 2026-01-11 01:32 – Updated: 2026-01-11 01:32
VLAI?
Title
Luxul XWR-600 Web Administration cross site scripting
Summary
A vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function of the component Web Administration Interface. The manipulation of the argument Guest Network/Wireless Profile SSID results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond with a technical statement.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Credits
AppSecHuntr (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"modules": [
"Web Administration Interface"
],
"product": "XWR-600",
"vendor": "Luxul",
"versions": [
{
"status": "affected",
"version": "4.0.0"
},
{
"status": "affected",
"version": "4.0.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "AppSecHuntr (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function of the component Web Administration Interface. The manipulation of the argument Guest Network/Wireless Profile SSID results in cross site scripting. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond with a technical statement."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-11T01:32:07.400Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340435 | Luxul XWR-600 Web Administration cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340435"
},
{
"name": "VDB-340435 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340435"
},
{
"name": "Submit #727924 | Luxul XWR-600 Router Firmware Ver: 4.0.1 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727924"
},
{
"tags": [
"exploit"
],
"url": "https://docs.google.com/document/d/1S2f5lT0b-KE9m6xq8BY6eSixv6SgsGL1e8QQzeOkq5c/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-10T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-10T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:49:30.000Z",
"value": "VulDB entry last update"
}
],
"title": "Luxul XWR-600 Web Administration cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15505",
"datePublished": "2026-01-11T01:32:07.400Z",
"dateReserved": "2026-01-10T09:44:02.553Z",
"dateUpdated": "2026-01-11T01:32:07.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0824 (GCVE-0-2026-0824)
Vulnerability from cvelistv5 – Published: 2026-01-10 14:32 – Updated: 2026-01-10 14:32 X_Open Source
VLAI?
Title
questdb ui Web Console cross site scripting
Summary
A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.1.10 is recommended to address this issue. The patch is identified as b42fd9f18476d844ae181a10a249e003dafb823d. You should upgrade the affected component. The vendor confirmed early that the fix "is going to be released as a part of QuestDB 9.3.0" as well.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
Credits
59lab (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"modules": [
"Web Console"
],
"product": "ui",
"vendor": "questdb",
"versions": [
{
"status": "affected",
"version": "1.11.0"
},
{
"status": "affected",
"version": "1.11.1"
},
{
"status": "affected",
"version": "1.11.2"
},
{
"status": "affected",
"version": "1.11.3"
},
{
"status": "affected",
"version": "1.11.4"
},
{
"status": "affected",
"version": "1.11.5"
},
{
"status": "affected",
"version": "1.11.6"
},
{
"status": "affected",
"version": "1.11.7"
},
{
"status": "affected",
"version": "1.11.8"
},
{
"status": "affected",
"version": "1.11.9"
},
{
"status": "unaffected",
"version": "1.1.10"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "59lab (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading to version 1.1.10 is recommended to address this issue. The patch is identified as b42fd9f18476d844ae181a10a249e003dafb823d. You should upgrade the affected component. The vendor confirmed early that the fix \"is going to be released as a part of QuestDB 9.3.0\" as well."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T14:32:08.724Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340357 | questdb ui Web Console cross site scripting",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.340357"
},
{
"name": "VDB-340357 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340357"
},
{
"name": "Submit #733253 | questdb V9.2.3(latest) xss",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733253"
},
{
"tags": [
"related"
],
"url": "https://github.com/59lab/dbdb/blob/main/There%20is%20a%20cross-site%20scripting(XSS)%20vulnerability%20in%20the%20QuestDB%20database.md"
},
{
"tags": [
"patch"
],
"url": "https://github.com/questdb/questdb/releases/tag/9.3.0"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/questdb/ui/pull/519#issue-3790862030"
},
{
"tags": [
"patch"
],
"url": "https://github.com/questdb/ui/commit/b42fd9f18476d844ae181a10a249e003dafb823d"
},
{
"tags": [
"issue-tracking",
"patch"
],
"url": "https://github.com/questdb/ui/pull/518"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T19:40:31.000Z",
"value": "VulDB entry last update"
}
],
"title": "questdb ui Web Console cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0824",
"datePublished": "2026-01-10T14:32:08.724Z",
"dateReserved": "2026-01-09T18:34:33.813Z",
"dateUpdated": "2026-01-10T14:32:08.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0822 (GCVE-0-2026-0822)
Vulnerability from cvelistv5 – Published: 2026-01-10 13:32 – Updated: 2026-01-10 13:32 X_Open Source
VLAI?
Title
quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow
Summary
A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The identifier of the patch is 53eefbcd695165a3bd8c584813b472cb4a69fbf5. To fix this issue, it is recommended to deploy a patch.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| quickjs-ng | quickjs |
Affected:
0.1
Affected: 0.2 Affected: 0.3 Affected: 0.4 Affected: 0.5 Affected: 0.6 Affected: 0.7 Affected: 0.8 Affected: 0.9 Affected: 0.10 Affected: 0.11.0 |
Credits
mcsky23 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "quickjs",
"vendor": "quickjs-ng",
"versions": [
{
"status": "affected",
"version": "0.1"
},
{
"status": "affected",
"version": "0.2"
},
{
"status": "affected",
"version": "0.3"
},
{
"status": "affected",
"version": "0.4"
},
{
"status": "affected",
"version": "0.5"
},
{
"status": "affected",
"version": "0.6"
},
{
"status": "affected",
"version": "0.7"
},
{
"status": "affected",
"version": "0.8"
},
{
"status": "affected",
"version": "0.9"
},
{
"status": "affected",
"version": "0.10"
},
{
"status": "affected",
"version": "0.11.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "mcsky23 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The manipulation leads to heap-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. The identifier of the patch is 53eefbcd695165a3bd8c584813b472cb4a69fbf5. To fix this issue, it is recommended to deploy a patch."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T13:32:08.881Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340356 | quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340356"
},
{
"name": "VDB-340356 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340356"
},
{
"name": "Submit #731783 | quickjs-ng quickjs v0.11.0 Heap-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.731783"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/quickjs-ng/quickjs/issues/1297"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/quickjs-ng/quickjs/pull/1298"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/quickjs-ng/quickjs/issues/1297#issue-3780006202"
},
{
"tags": [
"patch"
],
"url": "https://github.com/quickjs-ng/quickjs/commit/53eefbcd695165a3bd8c584813b472cb4a69fbf5"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T19:29:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "quickjs-ng quickjs quickjs.c js_typed_array_sort heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0822",
"datePublished": "2026-01-10T13:32:08.881Z",
"dateReserved": "2026-01-09T18:24:23.935Z",
"dateUpdated": "2026-01-10T13:32:08.881Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0821 (GCVE-0-2026-0821)
Vulnerability from cvelistv5 – Published: 2026-01-10 13:02 – Updated: 2026-01-10 13:02 X_Open Source
VLAI?
Title
quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow
Summary
A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| quickjs-ng | quickjs |
Affected:
0.1
Affected: 0.2 Affected: 0.3 Affected: 0.4 Affected: 0.5 Affected: 0.6 Affected: 0.7 Affected: 0.8 Affected: 0.9 Affected: 0.10 Affected: 0.11.0 |
Credits
mcsky23 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "quickjs",
"vendor": "quickjs-ng",
"versions": [
{
"status": "affected",
"version": "0.1"
},
{
"status": "affected",
"version": "0.2"
},
{
"status": "affected",
"version": "0.3"
},
{
"status": "affected",
"version": "0.4"
},
{
"status": "affected",
"version": "0.5"
},
{
"status": "affected",
"version": "0.6"
},
{
"status": "affected",
"version": "0.7"
},
{
"status": "affected",
"version": "0.8"
},
{
"status": "affected",
"version": "0.9"
},
{
"status": "affected",
"version": "0.10"
},
{
"status": "affected",
"version": "0.11.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "mcsky23 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in quickjs-ng quickjs up to 0.11.0. This vulnerability affects the function js_typed_array_constructor of the file quickjs.c. Executing a manipulation can lead to heap-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called c5d80831e51e48a83eab16ea867be87f091783c5. A patch should be applied to remediate this issue."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "Memory Corruption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T13:02:07.698Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340355 | quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340355"
},
{
"name": "VDB-340355 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340355"
},
{
"name": "Submit #731780 | quickjs-ng quickjs v0.11.0 Heap-based Buffer Overflow",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.731780"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/quickjs-ng/quickjs/issues/1296"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/quickjs-ng/quickjs/pull/1299"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/quickjs-ng/quickjs/issues/1296#issue-3780003395"
},
{
"tags": [
"patch"
],
"url": "https://github.com/quickjs-ng/quickjs/commit/c5d80831e51e48a83eab16ea867be87f091783c5"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T19:29:41.000Z",
"value": "VulDB entry last update"
}
],
"title": "quickjs-ng quickjs quickjs.c js_typed_array_constructor heap-based overflow"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0821",
"datePublished": "2026-01-10T13:02:07.698Z",
"dateReserved": "2026-01-09T18:24:17.150Z",
"dateUpdated": "2026-01-10T13:02:07.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15504 (GCVE-0-2025-15504)
Vulnerability from cvelistv5 – Published: 2026-01-10 11:32 – Updated: 2026-01-10 11:32 X_Open Source
VLAI?
Title
lief-project LIEF ELF Binary Parser.tcc parse_binary null pointer dereference
Summary
A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parse_binary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.17.2 can resolve this issue. The patch is identified as 81bd5d7ea0c390563f1c4c017c9019d154802978. It is recommended to upgrade the affected component.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| lief-project | LIEF |
Affected:
0.17.0
Affected: 0.17.1 Unaffected: 0.17.2 |
Credits
Oneafter (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"modules": [
"ELF Binary Parser"
],
"product": "LIEF",
"vendor": "lief-project",
"versions": [
{
"status": "affected",
"version": "0.17.0"
},
{
"status": "affected",
"version": "0.17.1"
},
{
"status": "unaffected",
"version": "0.17.2"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Oneafter (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parse_binary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.17.2 can resolve this issue. The patch is identified as 81bd5d7ea0c390563f1c4c017c9019d154802978. It is recommended to upgrade the affected component."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.7,
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:OF/RC:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T11:32:06.771Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340375 | lief-project LIEF ELF Binary Parser.tcc parse_binary null pointer dereference",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340375"
},
{
"name": "VDB-340375 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340375"
},
{
"name": "Submit #733329 | lief-project LIEF 9698ea6 Memory Corruption",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733329"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/lief-project/LIEF/issues/1277"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/lief-project/LIEF/issues/1277#issuecomment-3693859001"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/oneafter/1210/blob/main/segv1"
},
{
"tags": [
"patch"
],
"url": "https://github.com/lief-project/LIEF/commit/81bd5d7ea0c390563f1c4c017c9019d154802978"
},
{
"tags": [
"patch"
],
"url": "https://github.com/lief-project/LIEF/releases/tag/0.17.2"
}
],
"tags": [
"x_open-source"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T23:04:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "lief-project LIEF ELF Binary Parser.tcc parse_binary null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15504",
"datePublished": "2026-01-10T11:32:06.771Z",
"dateReserved": "2026-01-09T21:58:56.818Z",
"dateUpdated": "2026-01-10T11:32:06.771Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15503 (GCVE-0-2025-15503)
Vulnerability from cvelistv5 – Published: 2026-01-10 09:02 – Updated: 2026-01-10 09:02
VLAI?
Title
Sangfor Operation and Maintenance Management System common.jsp unrestricted upload
Summary
A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sangfor | Operation and Maintenance Management System |
Affected:
3.0.0
Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.5 Affected: 3.0.6 Affected: 3.0.7 Affected: 3.0.8 |
Credits
hhsw34 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "Operation and Maintenance Management System",
"vendor": "Sangfor",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.0.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hhsw34 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A security flaw has been discovered in Sangfor Operation and Maintenance Management System up to 3.0.8. The impacted element is an unknown function of the file /fort/trust/version/common/common.jsp. Performing a manipulation of the argument File results in unrestricted upload. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T09:02:06.233Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340348 | Sangfor Operation and Maintenance Management System common.jsp unrestricted upload",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340348"
},
{
"name": "VDB-340348 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340348"
},
{
"name": "Submit #727253 | Sangfor Operation and Maintenance Management System (OSM / \u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf) 3.0.8 Unrestricted Upload",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727253"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/13"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/13#issue-3770623333"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T18:17:22.000Z",
"value": "VulDB entry last update"
}
],
"title": "Sangfor Operation and Maintenance Management System common.jsp unrestricted upload"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15503",
"datePublished": "2026-01-10T09:02:06.233Z",
"dateReserved": "2026-01-09T17:12:11.774Z",
"dateUpdated": "2026-01-10T09:02:06.233Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15502 (GCVE-0-2025-15502)
Vulnerability from cvelistv5 – Published: 2026-01-10 08:02 – Updated: 2026-01-10 08:02
VLAI?
Title
Sangfor Operation and Maintenance Management System session SessionController os command injection
Summary
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostname leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sangfor | Operation and Maintenance Management System |
Affected:
3.0.0
Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.5 Affected: 3.0.6 Affected: 3.0.7 Affected: 3.0.8 |
Credits
jiefengliang (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "Operation and Maintenance Management System",
"vendor": "Sangfor",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.0.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "jiefengliang (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.8. The affected element is the function SessionController of the file /isomp-protocol/protocol/session. Such manipulation of the argument Hostname leads to os command injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T08:02:06.438Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340347 | Sangfor Operation and Maintenance Management System session SessionController os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340347"
},
{
"name": "VDB-340347 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340347"
},
{
"name": "Submit #727217 | Sangfor Operation and Maintenance Management System (OSM / \u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf) 3.0.8 OS Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727217"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/14"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/14#issue-3770634476"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T18:17:20.000Z",
"value": "VulDB entry last update"
}
],
"title": "Sangfor Operation and Maintenance Management System session SessionController os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15502",
"datePublished": "2026-01-10T08:02:06.438Z",
"dateReserved": "2026-01-09T17:12:08.711Z",
"dateUpdated": "2026-01-10T08:02:06.438Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15501 (GCVE-0-2025-15501)
Vulnerability from cvelistv5 – Published: 2026-01-09 22:32 – Updated: 2026-01-09 22:32
VLAI?
Title
Sangfor Operation and Maintenance Management System getCmd WriterHandle.getCmd os command injection
Summary
A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
9.8 (Critical)
9.8 (Critical)
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sangfor | Operation and Maintenance Management System |
Affected:
3.0.0
Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.5 Affected: 3.0.6 Affected: 3.0.7 Affected: 3.0.8 |
Credits
nestor233 (VulDB User)
{
"containers": {
"cna": {
"affected": [
{
"product": "Operation and Maintenance Management System",
"vendor": "Sangfor",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.0.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "nestor233 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in Sangfor Operation and Maintenance Management System up to 3.0.8. Impacted is the function WriterHandle.getCmd of the file /isomp-protocol/protocol/getCmd. This manipulation of the argument sessionPath causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T22:32:05.839Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340346 | Sangfor Operation and Maintenance Management System getCmd WriterHandle.getCmd os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340346"
},
{
"name": "VDB-340346 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340346"
},
{
"name": "Submit #727214 | Sangfor Operation and Maintenance Management System (OSM / \u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf) 3.0.8 OS Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727214"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/12"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/12#issue-3770615262"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T18:17:19.000Z",
"value": "VulDB entry last update"
}
],
"title": "Sangfor Operation and Maintenance Management System getCmd WriterHandle.getCmd os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15501",
"datePublished": "2026-01-09T22:32:05.839Z",
"dateReserved": "2026-01-09T17:12:05.995Z",
"dateUpdated": "2026-01-09T22:32:05.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15500 (GCVE-0-2025-15500)
Vulnerability from cvelistv5 – Published: 2026-01-09 21:32 – Updated: 2026-01-09 21:53
VLAI?
Title
Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection
Summary
A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
9.8 (Critical)
9.8 (Critical)
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sangfor | Operation and Maintenance Management System |
Affected:
3.0.0
Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.5 Affected: 3.0.6 Affected: 3.0.7 Affected: 3.0.8 |
Credits
Liyu Zhu (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15500",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T21:51:59.844206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T21:53:52.018Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/master-abc/cve/issues/11#issue-3770602189"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/master-abc/cve/issues/11"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP POST Request Handler"
],
"product": "Operation and Maintenance Management System",
"vendor": "Sangfor",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.0.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Liyu Zhu (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 10,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T21:32:08.161Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340345 | Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340345"
},
{
"name": "VDB-340345 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340345"
},
{
"name": "Submit #727208 | Sangfor Operation and Maintenance Management System (OSM / \u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf) 3.0.8 OS Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727208"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/11"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/11#issue-3770602189"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T18:17:18.000Z",
"value": "VulDB entry last update"
}
],
"title": "Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15500",
"datePublished": "2026-01-09T21:32:08.161Z",
"dateReserved": "2026-01-09T17:12:03.266Z",
"dateUpdated": "2026-01-09T21:53:52.018Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15499 (GCVE-0-2025-15499)
Vulnerability from cvelistv5 – Published: 2026-01-09 21:32 – Updated: 2026-01-09 21:54
VLAI?
Title
Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection
Summary
A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Sangfor | Operation and Maintenance Management System |
Affected:
3.0.0
Affected: 3.0.1 Affected: 3.0.2 Affected: 3.0.3 Affected: 3.0.4 Affected: 3.0.5 Affected: 3.0.6 Affected: 3.0.7 Affected: 3.0.8 |
Credits
junqi (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15499",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T21:52:07.313921Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T21:54:02.443Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/master-abc/cve/issues/10#issue-3770540830"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/master-abc/cve/issues/10"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Operation and Maintenance Management System",
"vendor": "Sangfor",
"versions": [
{
"status": "affected",
"version": "3.0.0"
},
{
"status": "affected",
"version": "3.0.1"
},
{
"status": "affected",
"version": "3.0.2"
},
{
"status": "affected",
"version": "3.0.3"
},
{
"status": "affected",
"version": "3.0.4"
},
{
"status": "affected",
"version": "3.0.5"
},
{
"status": "affected",
"version": "3.0.6"
},
{
"status": "affected",
"version": "3.0.7"
},
{
"status": "affected",
"version": "3.0.8"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "junqi (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Sangfor Operation and Maintenance Management System up to 3.0.8. This vulnerability affects the function uploadCN of the file VersionController.java. The manipulation of the argument filename leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 9,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T21:32:06.037Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340344 | Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340344"
},
{
"name": "VDB-340344 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340344"
},
{
"name": "Submit #727207 | Sangfor Operation and Maintenance Management System (\u8fd0\u7ef4\u5b89\u5168\u7ba1\u7406\u7cfb\u7edf / OSM) 3.0.8 Command Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.727207"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/10"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/master-abc/cve/issues/10#issue-3770540830"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T18:17:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "Sangfor Operation and Maintenance Management System VersionController.java uploadCN os command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15499",
"datePublished": "2026-01-09T21:32:06.037Z",
"dateReserved": "2026-01-09T17:11:56.758Z",
"dateUpdated": "2026-01-09T21:54:02.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15496 (GCVE-0-2025-15496)
Vulnerability from cvelistv5 – Published: 2026-01-09 17:02 – Updated: 2026-01-09 18:36
VLAI?
Title
guchengwuyue yshopmall jobs getPage sql injection
Summary
A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| guchengwuyue | yshopmall |
Affected:
1.9.0
Affected: 1.9.1 |
Credits
mukyuuhate (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15496",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:46:21.458368Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:36:47.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/guchengwuyue/yshopmall/issues/39"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/guchengwuyue/yshopmall/issues/39#issue-3769727898"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "yshopmall",
"vendor": "guchengwuyue",
"versions": [
{
"status": "affected",
"version": "1.9.0"
},
{
"status": "affected",
"version": "1.9.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "mukyuuhate (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T17:02:12.054Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340274 | guchengwuyue yshopmall jobs getPage sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340274"
},
{
"name": "VDB-340274 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340274"
},
{
"name": "Submit #726464 | https://github.com/guchengwuyue/yshopmall yshopmall V1.9.1 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.726464"
},
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/guchengwuyue/yshopmall/issues/39"
},
{
"tags": [
"exploit",
"issue-tracking"
],
"url": "https://github.com/guchengwuyue/yshopmall/issues/39#issue-3769727898"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T12:47:33.000Z",
"value": "VulDB entry last update"
}
],
"title": "guchengwuyue yshopmall jobs getPage sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15496",
"datePublished": "2026-01-09T17:02:12.054Z",
"dateReserved": "2026-01-09T11:42:29.007Z",
"dateUpdated": "2026-01-09T18:36:47.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15495 (GCVE-0-2025-15495)
Vulnerability from cvelistv5 – Published: 2026-01-09 17:02 – Updated: 2026-01-10 09:04
VLAI?
Title
BiggiDroid Simple PHP CMS editsite.php unrestricted upload
Summary
A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. The manipulation of the argument image results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| BiggiDroid | Simple PHP CMS |
Affected:
1.0
|
Credits
k271266
moasim
k271266 (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15495",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:46:37.119255Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:36:52.503Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/Asim-QAZi/RCE-Simplephpblog-biggiedroid"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Simple PHP CMS",
"vendor": "BiggiDroid",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "k271266"
},
{
"lang": "en",
"type": "finder",
"value": "moasim"
},
{
"lang": "en",
"type": "reporter",
"value": "k271266 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/editsite.php. The manipulation of the argument image results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "Unrestricted Upload",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Controls",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-10T09:04:48.822Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340273 | BiggiDroid Simple PHP CMS editsite.php unrestricted upload",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340273"
},
{
"name": "VDB-340273 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340273"
},
{
"name": "Submit #725890 | BiggiDroid Simple PHP CMS 1.0 Unrestricted Upload",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.725890"
},
{
"name": "Submit #726040 | BiggiDroid Simple PHP CMS 1.0 Unrestricted Upload (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.726040"
},
{
"tags": [
"issue-tracking"
],
"url": "https://gitee.com/hdert/ck/issues/IDGO28"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/Asim-QAZi/RCE-Simplephpblog-biggiedroid"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-10T10:09:37.000Z",
"value": "VulDB entry last update"
}
],
"title": "BiggiDroid Simple PHP CMS editsite.php unrestricted upload"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15495",
"datePublished": "2026-01-09T17:02:09.494Z",
"dateReserved": "2026-01-09T11:36:37.798Z",
"dateUpdated": "2026-01-10T09:04:48.822Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15494 (GCVE-0-2025-15494)
Vulnerability from cvelistv5 – Published: 2026-01-09 16:32 – Updated: 2026-01-09 18:37
VLAI?
Title
RainyGao DocSys UserMapper.xml sql injection
Summary
A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RainyGao | DocSys |
Affected:
2.02.0
Affected: 2.02.1 Affected: 2.02.2 Affected: 2.02.3 Affected: 2.02.4 Affected: 2.02.5 Affected: 2.02.6 Affected: 2.02.7 Affected: 2.02.8 Affected: 2.02.9 Affected: 2.02.10 Affected: 2.02.11 Affected: 2.02.12 Affected: 2.02.13 Affected: 2.02.14 Affected: 2.02.15 Affected: 2.02.16 Affected: 2.02.17 Affected: 2.02.18 Affected: 2.02.19 Affected: 2.02.20 Affected: 2.02.21 Affected: 2.02.22 Affected: 2.02.23 Affected: 2.02.24 Affected: 2.02.25 Affected: 2.02.26 Affected: 2.02.27 Affected: 2.02.28 Affected: 2.02.29 Affected: 2.02.30 Affected: 2.02.31 Affected: 2.02.32 Affected: 2.02.33 Affected: 2.02.34 Affected: 2.02.35 Affected: 2.02.36 Affected: 2.02.37 |
Credits
xkalami (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15494",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:47:25.132354Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:37:05.234Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A52.02.37.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A52.02.37.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DocSys",
"vendor": "RainyGao",
"versions": [
{
"status": "affected",
"version": "2.02.0"
},
{
"status": "affected",
"version": "2.02.1"
},
{
"status": "affected",
"version": "2.02.2"
},
{
"status": "affected",
"version": "2.02.3"
},
{
"status": "affected",
"version": "2.02.4"
},
{
"status": "affected",
"version": "2.02.5"
},
{
"status": "affected",
"version": "2.02.6"
},
{
"status": "affected",
"version": "2.02.7"
},
{
"status": "affected",
"version": "2.02.8"
},
{
"status": "affected",
"version": "2.02.9"
},
{
"status": "affected",
"version": "2.02.10"
},
{
"status": "affected",
"version": "2.02.11"
},
{
"status": "affected",
"version": "2.02.12"
},
{
"status": "affected",
"version": "2.02.13"
},
{
"status": "affected",
"version": "2.02.14"
},
{
"status": "affected",
"version": "2.02.15"
},
{
"status": "affected",
"version": "2.02.16"
},
{
"status": "affected",
"version": "2.02.17"
},
{
"status": "affected",
"version": "2.02.18"
},
{
"status": "affected",
"version": "2.02.19"
},
{
"status": "affected",
"version": "2.02.20"
},
{
"status": "affected",
"version": "2.02.21"
},
{
"status": "affected",
"version": "2.02.22"
},
{
"status": "affected",
"version": "2.02.23"
},
{
"status": "affected",
"version": "2.02.24"
},
{
"status": "affected",
"version": "2.02.25"
},
{
"status": "affected",
"version": "2.02.26"
},
{
"status": "affected",
"version": "2.02.27"
},
{
"status": "affected",
"version": "2.02.28"
},
{
"status": "affected",
"version": "2.02.29"
},
{
"status": "affected",
"version": "2.02.30"
},
{
"status": "affected",
"version": "2.02.31"
},
{
"status": "affected",
"version": "2.02.32"
},
{
"status": "affected",
"version": "2.02.33"
},
{
"status": "affected",
"version": "2.02.34"
},
{
"status": "affected",
"version": "2.02.35"
},
{
"status": "affected",
"version": "2.02.36"
},
{
"status": "affected",
"version": "2.02.37"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "xkalami (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in RainyGao DocSys up to 2.02.37. This affects an unknown function of the file com/DocSystem/mapping/UserMapper.xml. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:32:08.806Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340272 | RainyGao DocSys UserMapper.xml sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340272"
},
{
"name": "VDB-340272 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340272"
},
{
"name": "Submit #725407 | https://github.com/RainyGao-GitHub/DocSys/releases/tag/DocSys_V2 RainyGao-GitHub 2.02.37 SQL injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.725407"
},
{
"tags": [
"related"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A52.02.37.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A52.02.37.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T12:36:46.000Z",
"value": "VulDB entry last update"
}
],
"title": "RainyGao DocSys UserMapper.xml sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15494",
"datePublished": "2026-01-09T16:32:08.806Z",
"dateReserved": "2026-01-09T11:30:47.602Z",
"dateUpdated": "2026-01-09T18:37:05.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15493 (GCVE-0-2025-15493)
Vulnerability from cvelistv5 – Published: 2026-01-09 16:32 – Updated: 2026-01-09 18:37
VLAI?
Title
RainyGao DocSys ReposAuthMapper.xml sql injection
Summary
A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RainyGao | DocSys |
Affected:
2.02.0
Affected: 2.02.1 Affected: 2.02.2 Affected: 2.02.3 Affected: 2.02.4 Affected: 2.02.5 Affected: 2.02.6 Affected: 2.02.7 Affected: 2.02.8 Affected: 2.02.9 Affected: 2.02.10 Affected: 2.02.11 Affected: 2.02.12 Affected: 2.02.13 Affected: 2.02.14 Affected: 2.02.15 Affected: 2.02.16 Affected: 2.02.17 Affected: 2.02.18 Affected: 2.02.19 Affected: 2.02.20 Affected: 2.02.21 Affected: 2.02.22 Affected: 2.02.23 Affected: 2.02.24 Affected: 2.02.25 Affected: 2.02.26 Affected: 2.02.27 Affected: 2.02.28 Affected: 2.02.29 Affected: 2.02.30 Affected: 2.02.31 Affected: 2.02.32 Affected: 2.02.33 Affected: 2.02.34 Affected: 2.02.35 Affected: 2.02.36 |
Credits
xkalami (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15493",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:47:33.207334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:37:10.665Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DocSys",
"vendor": "RainyGao",
"versions": [
{
"status": "affected",
"version": "2.02.0"
},
{
"status": "affected",
"version": "2.02.1"
},
{
"status": "affected",
"version": "2.02.2"
},
{
"status": "affected",
"version": "2.02.3"
},
{
"status": "affected",
"version": "2.02.4"
},
{
"status": "affected",
"version": "2.02.5"
},
{
"status": "affected",
"version": "2.02.6"
},
{
"status": "affected",
"version": "2.02.7"
},
{
"status": "affected",
"version": "2.02.8"
},
{
"status": "affected",
"version": "2.02.9"
},
{
"status": "affected",
"version": "2.02.10"
},
{
"status": "affected",
"version": "2.02.11"
},
{
"status": "affected",
"version": "2.02.12"
},
{
"status": "affected",
"version": "2.02.13"
},
{
"status": "affected",
"version": "2.02.14"
},
{
"status": "affected",
"version": "2.02.15"
},
{
"status": "affected",
"version": "2.02.16"
},
{
"status": "affected",
"version": "2.02.17"
},
{
"status": "affected",
"version": "2.02.18"
},
{
"status": "affected",
"version": "2.02.19"
},
{
"status": "affected",
"version": "2.02.20"
},
{
"status": "affected",
"version": "2.02.21"
},
{
"status": "affected",
"version": "2.02.22"
},
{
"status": "affected",
"version": "2.02.23"
},
{
"status": "affected",
"version": "2.02.24"
},
{
"status": "affected",
"version": "2.02.25"
},
{
"status": "affected",
"version": "2.02.26"
},
{
"status": "affected",
"version": "2.02.27"
},
{
"status": "affected",
"version": "2.02.28"
},
{
"status": "affected",
"version": "2.02.29"
},
{
"status": "affected",
"version": "2.02.30"
},
{
"status": "affected",
"version": "2.02.31"
},
{
"status": "affected",
"version": "2.02.32"
},
{
"status": "affected",
"version": "2.02.33"
},
{
"status": "affected",
"version": "2.02.34"
},
{
"status": "affected",
"version": "2.02.35"
},
{
"status": "affected",
"version": "2.02.36"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "xkalami (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:32:06.558Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340271 | RainyGao DocSys ReposAuthMapper.xml sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340271"
},
{
"name": "VDB-340271 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340271"
},
{
"name": "Submit #725374 | https://github.com/RainyGao-GitHub/DocSys/releases/tag/DocSys_V2 RainyGao-GitHub 2.02.36 SQL injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.725374"
},
{
"tags": [
"related"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/sql%E6%B3%A8%E5%85%A52.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T12:36:44.000Z",
"value": "VulDB entry last update"
}
],
"title": "RainyGao DocSys ReposAuthMapper.xml sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15493",
"datePublished": "2026-01-09T16:32:06.558Z",
"dateReserved": "2026-01-09T11:30:44.838Z",
"dateUpdated": "2026-01-09T18:37:10.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-15492 (GCVE-0-2025-15492)
Vulnerability from cvelistv5 – Published: 2026-01-09 16:02 – Updated: 2026-01-09 18:38
VLAI?
Title
RainyGao DocSys GroupMemberMapper.xml sql injection
Summary
A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected element is an unknown function of the file src/com/DocSystem/mapping/GroupMemberMapper.xml. Performing a manipulation of the argument searchWord results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RainyGao | DocSys |
Affected:
2.02.0
Affected: 2.02.1 Affected: 2.02.2 Affected: 2.02.3 Affected: 2.02.4 Affected: 2.02.5 Affected: 2.02.6 Affected: 2.02.7 Affected: 2.02.8 Affected: 2.02.9 Affected: 2.02.10 Affected: 2.02.11 Affected: 2.02.12 Affected: 2.02.13 Affected: 2.02.14 Affected: 2.02.15 Affected: 2.02.16 Affected: 2.02.17 Affected: 2.02.18 Affected: 2.02.19 Affected: 2.02.20 Affected: 2.02.21 Affected: 2.02.22 Affected: 2.02.23 Affected: 2.02.24 Affected: 2.02.25 Affected: 2.02.26 Affected: 2.02.27 Affected: 2.02.28 Affected: 2.02.29 Affected: 2.02.30 Affected: 2.02.31 Affected: 2.02.32 Affected: 2.02.33 Affected: 2.02.34 Affected: 2.02.35 Affected: 2.02.36 |
Credits
xkalami (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-15492",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T17:49:02.762988Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:38:08.299Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A53.md"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DocSys",
"vendor": "RainyGao",
"versions": [
{
"status": "affected",
"version": "2.02.0"
},
{
"status": "affected",
"version": "2.02.1"
},
{
"status": "affected",
"version": "2.02.2"
},
{
"status": "affected",
"version": "2.02.3"
},
{
"status": "affected",
"version": "2.02.4"
},
{
"status": "affected",
"version": "2.02.5"
},
{
"status": "affected",
"version": "2.02.6"
},
{
"status": "affected",
"version": "2.02.7"
},
{
"status": "affected",
"version": "2.02.8"
},
{
"status": "affected",
"version": "2.02.9"
},
{
"status": "affected",
"version": "2.02.10"
},
{
"status": "affected",
"version": "2.02.11"
},
{
"status": "affected",
"version": "2.02.12"
},
{
"status": "affected",
"version": "2.02.13"
},
{
"status": "affected",
"version": "2.02.14"
},
{
"status": "affected",
"version": "2.02.15"
},
{
"status": "affected",
"version": "2.02.16"
},
{
"status": "affected",
"version": "2.02.17"
},
{
"status": "affected",
"version": "2.02.18"
},
{
"status": "affected",
"version": "2.02.19"
},
{
"status": "affected",
"version": "2.02.20"
},
{
"status": "affected",
"version": "2.02.21"
},
{
"status": "affected",
"version": "2.02.22"
},
{
"status": "affected",
"version": "2.02.23"
},
{
"status": "affected",
"version": "2.02.24"
},
{
"status": "affected",
"version": "2.02.25"
},
{
"status": "affected",
"version": "2.02.26"
},
{
"status": "affected",
"version": "2.02.27"
},
{
"status": "affected",
"version": "2.02.28"
},
{
"status": "affected",
"version": "2.02.29"
},
{
"status": "affected",
"version": "2.02.30"
},
{
"status": "affected",
"version": "2.02.31"
},
{
"status": "affected",
"version": "2.02.32"
},
{
"status": "affected",
"version": "2.02.33"
},
{
"status": "affected",
"version": "2.02.34"
},
{
"status": "affected",
"version": "2.02.35"
},
{
"status": "affected",
"version": "2.02.36"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "xkalami (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in RainyGao DocSys up to 2.02.36. The affected element is an unknown function of the file src/com/DocSystem/mapping/GroupMemberMapper.xml. Performing a manipulation of the argument searchWord results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:02:07.110Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340270 | RainyGao DocSys GroupMemberMapper.xml sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340270"
},
{
"name": "VDB-340270 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340270"
},
{
"name": "Submit #725373 | https://github.com/RainyGao-GitHub/DocSys/releases/tag/DocSys_V2 RainyGao-GitHub 2.02.36 SQL injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.725373"
},
{
"tags": [
"related"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A53.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/DocSys/SQL%E6%B3%A8%E5%85%A53.md#vulnerability-analysis-and-reproduction%E6%BC%8F%E6%B4%9E%E5%88%86%E6%9E%90%E5%A4%8D%E7%8E%B0"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T12:36:43.000Z",
"value": "VulDB entry last update"
}
],
"title": "RainyGao DocSys GroupMemberMapper.xml sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2025-15492",
"datePublished": "2026-01-09T16:02:07.110Z",
"dateReserved": "2026-01-09T11:30:38.788Z",
"dateUpdated": "2026-01-09T18:38:08.299Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0803 (GCVE-0-2026-0803)
Vulnerability from cvelistv5 – Published: 2026-01-09 15:32 – Updated: 2026-01-09 16:24 X_Freeware
VLAI?
Title
PHPGurukul Online Course Registration System enroll.php sql injection
Summary
A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PHPGurukul | Online Course Registration System |
Affected:
3.0
Affected: 3.1 |
Credits
angelkate (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0803",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T16:24:14.834025Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:24:22.841Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Online Course Registration System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "angelkate (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Online Course Registration System up to 3.1. This affects an unknown part of the file /enroll.php. The manipulation of the argument studentregno/Pincode/session/department/level/course/sem results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T15:32:09.036Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340255 | PHPGurukul Online Course Registration System enroll.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340255"
},
{
"name": "VDB-340255 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340255"
},
{
"name": "Submit #733344 | PHPGurukul Online Course Registration System \u2264 3.1 SQL Injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733344"
},
{
"tags": [
"exploit"
],
"url": "https://note-hxlab.wetolink.com/share/qX132pk8Wofk"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-09T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-09T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T10:47:06.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Online Course Registration System enroll.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0803",
"datePublished": "2026-01-09T15:32:09.036Z",
"dateReserved": "2026-01-09T09:41:52.701Z",
"dateUpdated": "2026-01-09T16:24:22.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0733 (GCVE-0-2026-0733)
Vulnerability from cvelistv5 – Published: 2026-01-08 23:32 – Updated: 2026-01-09 16:22 X_Freeware
VLAI?
Title
PHPGurukul Online Course Registration System manage-students.php sql injection
Summary
A vulnerability was determined in PHPGurukul Online Course Registration System up to 3.1. This impacts an unknown function of the file /onlinecourse/admin/manage-students.php. This manipulation of the argument id/cid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PHPGurukul | Online Course Registration System |
Affected:
3.0
Affected: 3.1 |
Credits
angelkate (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0733",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T16:21:52.970602Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:22:02.232Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Online Course Registration System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "3.0"
},
{
"status": "affected",
"version": "3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "angelkate (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was determined in PHPGurukul Online Course Registration System up to 3.1. This impacts an unknown function of the file /onlinecourse/admin/manage-students.php. This manipulation of the argument id/cid causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T09:40:26.886Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340130 | PHPGurukul Online Course Registration System manage-students.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340130"
},
{
"name": "VDB-340130 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340130"
},
{
"name": "Submit #733328 | PHPGurukul Online Course Registration System \u2264 3.1 SQL Injection Vulnerability",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733328"
},
{
"name": "Submit #733331 | PHPGurukul Online Course Registration System \u2264 3.1 SQL Injection (Duplicate)",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733331"
},
{
"tags": [
"related"
],
"url": "https://note-hxlab.wetolink.com/share/cU33RBoPPAF0"
},
{
"tags": [
"exploit"
],
"url": "https://note-hxlab.wetolink.com/share/Tma34bofeB2L"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-09T10:45:09.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Online Course Registration System manage-students.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0733",
"datePublished": "2026-01-08T23:32:13.020Z",
"dateReserved": "2026-01-08T15:32:32.701Z",
"dateUpdated": "2026-01-09T16:22:02.232Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0732 (GCVE-0-2026-0732)
Vulnerability from cvelistv5 – Published: 2026-01-08 23:32 – Updated: 2026-01-09 16:22
VLAI?
Title
D-Link DI-8200G upgrade_filter.asp command injection
Summary
A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Credits
Yun Zhang (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0732",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T16:22:29.703881Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:22:38.452Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "DI-8200G",
"vendor": "D-Link",
"versions": [
{
"status": "affected",
"version": "17.12.20A1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Yun Zhang (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DI-8200G 17.12.20A1. This affects an unknown function of the file /upgrade_filter.asp. The manipulation of the argument path results in command injection. The attack may be performed from remote. The exploit has been made public and could be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "Command Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T23:32:08.177Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340129 | D-Link DI-8200G upgrade_filter.asp command injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340129"
},
{
"name": "VDB-340129 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340129"
},
{
"name": "Submit #733275 | D-Link DI_8200G Router V17.12.20A1 Command Execution",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733275"
},
{
"tags": [
"related"
],
"url": "https://github.com/DavCloudz/cve/blob/main/D-link/DI_8200G/DI_8200G%20V17.12.20A1%20Command%20Execution%20Vulnerability/readme.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/DavCloudz/cve/blob/main/D-link/DI_8200G/DI_8200G%20V17.12.20A1%20Command%20Execution%20Vulnerability/readme.md#poc"
},
{
"tags": [
"product"
],
"url": "https://www.dlink.com/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-08T16:30:54.000Z",
"value": "VulDB entry last update"
}
],
"title": "D-Link DI-8200G upgrade_filter.asp command injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0732",
"datePublished": "2026-01-08T23:32:08.177Z",
"dateReserved": "2026-01-08T15:25:51.430Z",
"dateUpdated": "2026-01-09T16:22:38.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0731 (GCVE-0-2026-0731)
Vulnerability from cvelistv5 – Published: 2026-01-08 23:02 – Updated: 2026-01-09 16:23
VLAI?
Title
TOTOLINK WA1200 HTTP Request cstecgi.cgi null pointer dereference
Summary
A vulnerability has been found in TOTOLINK WA1200 5.9c.2914. The impacted element is an unknown function of the file cstecgi.cgi of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.
Severity ?
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Credits
JackWesley (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0731",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T16:23:15.368638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T16:23:30.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"HTTP Request Handler"
],
"product": "WA1200",
"vendor": "TOTOLINK",
"versions": [
{
"status": "affected",
"version": "5.9c.2914"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "JackWesley (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in TOTOLINK WA1200 5.9c.2914. The impacted element is an unknown function of the file cstecgi.cgi of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:W/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:W/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:W/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-476",
"description": "NULL Pointer Dereference",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "Denial of Service",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T23:02:10.447Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340128 | TOTOLINK WA1200 HTTP Request cstecgi.cgi null pointer dereference",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.340128"
},
{
"name": "VDB-340128 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340128"
},
{
"name": "Submit #733249 | TOTOLINK WA1200 V5.9c.2914 NULL Pointer Dereference",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733249"
},
{
"tags": [
"related"
],
"url": "https://github.com/JackWesleyy/CVE/blob/main/WA1200/TOTOLINK%20WA1200%20NULL%20Pointer%20Dereference%20Vulnerability.md"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/JackWesleyy/CVE/blob/main/WA1200/TOTOLINK%20WA1200%20NULL%20Pointer%20Dereference%20Vulnerability.md#poc"
},
{
"tags": [
"product"
],
"url": "https://www.totolink.net/"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-08T16:20:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "TOTOLINK WA1200 HTTP Request cstecgi.cgi null pointer dereference"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0731",
"datePublished": "2026-01-08T23:02:10.447Z",
"dateReserved": "2026-01-08T15:15:42.592Z",
"dateUpdated": "2026-01-09T16:23:30.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0730 (GCVE-0-2026-0730)
Vulnerability from cvelistv5 – Published: 2026-01-08 22:02 – Updated: 2026-01-09 18:14 X_Freeware
VLAI?
Title
PHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scripting
Summary
A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADD_STAFF/UPDATE_STAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profile_pic can lead to cross site scripting. The attack can be executed remotely. The exploit has been published and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| PHPGurukul | Staff Leave Management System |
Affected:
1.0
|
Credits
hackerfactory (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0730",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T18:14:36.059851Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:14:46.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"SVG File Handler"
],
"product": "Staff Leave Management System",
"vendor": "PHPGurukul",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "hackerfactory (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw has been found in PHPGurukul Staff Leave Management System 1.0. The affected element is the function ADD_STAFF/UPDATE_STAFF of the file /staffleave/slms/slms/adminviews.py of the component SVG File Handler. Executing a manipulation of the argument profile_pic can lead to cross site scripting. The attack can be executed remotely. The exploit has been published and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 2.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 3.3,
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "Code Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T22:02:09.530Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340127 | PHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scripting",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340127"
},
{
"name": "VDB-340127 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340127"
},
{
"name": "Submit #733160 | PHPGurukul Staff Leave Management System v1.0 Cross Site Scripting",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733160"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/rsecroot/Staff-Leave-Management-System/blob/main/Cross%20Site%20Scripting.md"
},
{
"tags": [
"product"
],
"url": "https://phpgurukul.com/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-08T16:18:16.000Z",
"value": "VulDB entry last update"
}
],
"title": "PHPGurukul Staff Leave Management System SVG File adminviews.py UPDATE_STAFF cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0730",
"datePublished": "2026-01-08T22:02:09.530Z",
"dateReserved": "2026-01-08T15:13:11.306Z",
"dateUpdated": "2026-01-09T18:14:46.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-0729 (GCVE-0-2026-0729)
Vulnerability from cvelistv5 – Published: 2026-01-08 21:32 – Updated: 2026-01-09 18:14 X_Freeware
VLAI?
Title
code-projects Intern Membership Management System add_activity.php sql injection
Summary
A vulnerability was detected in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /intern/admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
Severity ?
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| code-projects | Intern Membership Management System |
Affected:
1.0
|
Credits
xkalami (VulDB User)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-0729",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-09T18:13:52.139216Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-09T18:14:01.458Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Intern Membership Management System",
"vendor": "code-projects",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "xkalami (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was detected in code-projects Intern Membership Management System 1.0. Impacted is an unknown function of the file /intern/admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 5.8,
"vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "SQL Injection",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-08T21:32:06.804Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-340126 | code-projects Intern Membership Management System add_activity.php sql injection",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.340126"
},
{
"name": "VDB-340126 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.340126"
},
{
"name": "Submit #733004 | code-projects Intern Membership Management System add_activity.php v1.0 SQL injection",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.733004"
},
{
"tags": [
"exploit"
],
"url": "https://github.com/xkalami-Tta0/CVE/blob/main/Intern%20Membership%20Management%20System/Intern%20Membership%20Management%20System%20add_activity.php%20sql%20injection.md"
},
{
"tags": [
"product"
],
"url": "https://code-projects.org/"
}
],
"tags": [
"x_freeware"
],
"timeline": [
{
"lang": "en",
"time": "2026-01-08T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2026-01-08T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2026-01-08T16:13:26.000Z",
"value": "VulDB entry last update"
}
],
"title": "code-projects Intern Membership Management System add_activity.php sql injection"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2026-0729",
"datePublished": "2026-01-08T21:32:06.804Z",
"dateReserved": "2026-01-08T15:08:19.848Z",
"dateUpdated": "2026-01-09T18:14:01.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}