Zokeye

#11943of 53,630
23Total CVSS
Vulnerabilities · 3
Medium
1
High
2
PT-2025-17260
9.0
2025-04-08
D Link · D-Link Dwr-M961 · CVE-2025-3785
**Name of the Vulnerable Software and Affected Versions** D-Link DWR-M961 version 1.1.36 **Description** A critical vulnerability has been found in the Authorization Interface component of the D-Link DWR-M961, affecting the file /boafrm/formStaticDHCP. The manipulation of the `Hostname` argument leads to a stack-based buffer overflow. This issue can be initiated remotely. **Recommendations** For version 1.1.36, upgrade to version 1.1.49 to address this issue. As a temporary workaround, consider restricting access to the vulnerable component until the upgrade is applied.
PT-2025-14837
7.5
2025-04-04
Code Projects · Patient Record Management System · CVE-2025-3208
**Name of the Vulnerable Software and Affected Versions** code-projects Patient Record Management System version 1.0 code-projects Patient Record Management System version 3.1 **Description** A critical issue was found in the Patient Record Management System. The manipulation of the `itr no` argument in the `/xray print.php` file leads to SQL injection. This issue can be exploited remotely. **Recommendations** For version 1.0, consider restricting access to the `/xray print.php` file to minimize the risk of exploitation. For version 3.1, avoid using the `itr no` argument in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2025-13552
6.5
2025-03-28
Unknown · Aishida Call Center System · CVE-2025-2916
**Name of the Vulnerable Software and Affected Versions** Aishida Call Center System versions up to 20250314 **Description** A critical issue has been found in the Aishida Call Center System, affecting some unknown processing of the file /doscall/weixin/open/amr2mp3. The manipulation of the `File` argument leads to command injection. The attack may be initiated remotely. **Recommendations** For Aishida Call Center System versions up to 20250314, as a temporary workaround, consider restricting access to the /doscall/weixin/open/amr2mp3 file to minimize the risk of exploitation. Avoid using the `File` argument in the affected processing until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.