Security Vulnerabilities
An OS command injection vulnerability exists in PLDT WiFi Router's Prolink PGN6401V Firmware 8.1.2 web management interface. The ping6.asp page submits user input to the /boaform/formPing6 endpoint via the pingAddr parameter, which is not properly sanitized. An authenticated attacker can exploit this flaw by injecting arbitrary system commands, which are executed by the underlying operating system with root privileges. The router uses the Boa web server (version 0.93.15) to handle the request. Successful exploitation can lead to full system compromise and unauthorized control of the network device.
CVSS Score
5.3
EPSS Score
0.03
Published
2025-09-03
Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the parameter security or security_5g.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-09-03
Slink v1.4.9 allows stored cross-site scripting (XSS) via crafted SVG uploads. When a user views the shared image in a new browser tab, the embedded JavaScript executes. The issue affects both authenticated and unauthenticated users.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-09-03
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/subcategory.php via the categoryName parameter.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-09-03
phpgurukul Complaint Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in admin/userprofile.php via the fullname parameter.
CVSS Score
8.8
EPSS Score
0.001
Published
2025-09-03
In Jenkins Git client Plugin 6.3.2 and earlier, except 6.1.4 and 6.2.1, Git URL field form validation responses differ based on whether the specified file path exists on the controller when specifying `amazon-s3` protocol for use with JGit, allowing attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-09-03
Jenkins global-build-stats Plugin 322.v22f4db_18e2dd and earlier does not perform permission checks in its REST API endpoints, allowing attackers with Overall/Read permission to enumerate graph IDs.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-09-03
A missing permission check in Jenkins OpenTelemetry Plugin 3.1543.v8446b_92b_cd64 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVSS Score
4.2
EPSS Score
0.0
Published
2025-09-03
cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_array_index_from_pointer function in cJSON_Utils.c, allowing remote attackers to bypass array bounds checking and access restricted data via malformed JSON pointer strings containing alphanumeric characters.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-09-03
phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL Injection in user/reset-password.php via the mobileno parameter.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-09-03