Common Vulnerabilities and Exposures (CVE)

CVE-2026-9427

May 25, 2026 04:45:09 UTC

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow....

CVE-2026-9426

May 25, 2026 04:30:09 UTC

A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wlanAddr/wanAddr/wlanSSID/wlanChan/initgain/...

CVE-2026-9425

May 25, 2026 04:15:09 UTC

A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument ateFunc/ateGain/ateTxCount/ateChan/ateRate/ateMacID/e2pTx...

CVE-2026-9424

May 25, 2026 04:00:15 UTC

A weakness has been identified in Edimax EW-7438RPn 1.31. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component Content-Type Handler. Executing a manipulation of the argument ateFunc/ateGain/ateTxCo...

CVE-2026-9423

May 25, 2026 03:45:09 UTC

A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The atta...

CVE-2026-9422

May 25, 2026 03:30:10 UTC

A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. The attack can be launched remotely. The e...

CVE-2026-9421

May 25, 2026 03:15:09 UTC

A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrestricted upload. The attack can be initiate...

CVE-2026-48831

May 25, 2026 03:07:02 UTC

Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions o...

CVE-2026-9420

May 25, 2026 03:00:12 UTC

A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has...

CVE-2026-9419

May 25, 2026 02:45:10 UTC

A vulnerability has been found in code-projects Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /empproject.php. The manipulation of the argument ID leads to cross site scripting. It is possi...

CVE-2026-6059

May 25, 2026 02:41:19 UTC

A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network.

CVE-2026-8652

May 25, 2026 02:40:41 UTC

An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjacent network.

CVE-2026-9418

May 25, 2026 02:30:10 UTC

A flaw has been found in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepassemp.php. Executing a manipulation of the argument ID can lead to cross site scripting. ...

CVE-2026-9417

May 25, 2026 02:15:10 UTC

A vulnerability was detected in code-projects Employee Management System 1.0. Affected is an unknown function of the file /myprofileup.php. Performing a manipulation of the argument ID results in cross site scripting. The attack is possible...

CVE-2026-9416

May 25, 2026 02:00:10 UTC

A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to cross site scripting. The attack can be e...