Skip to main content
CVE-2018-19925 CRITICAL POC Act Now

An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Sales Company Management System
NVD GitHub
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-19893 CRITICAL POC Act Now

SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pbootcms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-9556 CRITICAL PATCH Act Now

In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Privilege Escalation Buffer Overflow Google Android
NVD
CVSS 3.1
9.8
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy