Security Vulnerabilities
A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo_send' parameter in the '/assets/php/calculate_discount.php'.
CVSS Score
9.8
EPSS Score
0.0
Published
2026-03-09
A reflected Cross-Site Scripting (XSS) vulnerability has been
found in Eventobot. This vulnerability allows an attacker to execute
JavaScript code in the victim's browser by sending him/her a malicious
URL using the 'name' parameter in '/search-results'. This vulnerability
can be exploited to steal sensitive user data, such as session cookies,
or to perform actions on behalf of the user.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-03-09
A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
CVSS Score
8.8
EPSS Score
0.001
Published
2026-03-09
A vulnerability was determined in itsourcecode Payroll Management System 1.0. Affected is an unknown function of the file /manage_employee_allowances.php. This manipulation of the argument ID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
CVSS Score
4.3
EPSS Score
0.0
Published
2026-03-09
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-09
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-03-09
In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
CVSS Score
7.5
EPSS Score
0.002
Published
2026-03-09