Zerone0x00/CVE

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-28136 ↗	Apr 15, 2025Tuesday, 15 April 2025, 14:15	6.5 MEDIUM	—
TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in the downloadFile.cgi.
CVE-2025-28137 ↗	Apr 15, 2025Tuesday, 15 April 2025, 14:15	9.8 CRITICAL	—
The TOTOLINK A810R V4.1.2cu.5182_B20201026 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter.
CVE-2025-22214 ↗	Jan 2, 2025Thursday, 2 January 2025, 04:15	4.3 MEDIUM	—
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.
CVE-2024-56829 ↗	Jan 2, 2025Thursday, 2 January 2025, 04:15	10 CRITICAL	—
Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.