Qinguoyi Tinywebserver vulnerabilities
3 known vulnerabilities affecting qinguoyi/tinywebserver.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2025-3266P2CRITICALCVSS 9.8v1.02025-04-04
CVE-2025-3266 [CRITICAL] CWE-119 CVE-2025-3266: A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.
A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the pu
nvd
CVE-2025-3268P2CRITICALCVSS 9.8≤ 1.0v1.02025-04-04
CVE-2025-3268 [CRITICAL] CWE-287 CVE-2025-3268: A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical. This
A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical. This vulnerability affects unknown code of the file http/http_conn.cpp. The manipulation of the argument m_url_real leads to improper authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
nvd
CVE-2025-3267P3HIGHCVSS 8.8v1.02025-04-04
CVE-2025-3267 [HIGH] CWE-74 CVE-2025-3267: A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0. Th
A vulnerability, which was classified as critical, was found in qinguoyi TinyWebServer up to 1.0. This affects an unknown part of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
nvd