Security Vulnerabilities
A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Affected is the function sub_175C8 of the file /htdocs/soap.cgi. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Score
6.3
EPSS Score
0.001
Published
2025-05-06
Vulnerability of unauthorized access in the app lock module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-05-06
Vulnerability of unauthorized access in the app lock module
Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-05-06
Bypass vulnerability in the network search instruction authentication module
Impact: Successful exploitation of this vulnerability can bypass authentication and enable access to some network search functions.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-05-06
Out-of-bounds data read vulnerability in the authorization module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-05-06
Null pointer dereference vulnerability in the USB HDI driver module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
4.4
EPSS Score
0.0
Published
2025-05-06
Process residence vulnerability in abnormal scenarios in the print module
Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.1
EPSS Score
0.0
Published
2025-05-06
A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument id/username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-05-06
A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visitor-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2025-05-06
Vulnerability of insufficient information protection in the media library module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.2
EPSS Score
0.0
Published
2025-05-06