Skip to main content
CVE-2018-14592 CRITICAL POC Act Now

The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Cw Article Attachments Free Cw Article Attachments Pro
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
3.1%
CVE-2018-14829 CRITICAL POC THREAT Act Now

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Rockwell RCE Buffer Overflow Stack Overflow Rslinx
NVD
CVSS 3.0
9.8
EPSS
16.1%
CVE-2018-17254 CRITICAL POC THREAT Act Now

The JCK Editor component 6.4.4 for Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Jck Editor
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
83.0%
CVE-2018-11287 CRITICAL Act Now

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware Mdm9607 Firmware Mdm9650 Firmware +26
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2018-17243 CRITICAL Act Now

Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Zoho Manageengine Opmanager
NVD
CVSS 3.0
9.8
EPSS
74.4%
CVE-2018-17232 CRITICAL Act Now

SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive-bot) before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Slack Archivebot
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy