Skip to main content
CVE-2019-5454 CRITICAL PATCH Act Now

SQL Injection in the Nextcloud Android app prior to version 3.0.0 allows to destroy a local cache when a harmful query is executed requiring to resetup the account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Nextcloud Google
NVD
CVSS 3.1
9.8
EPSS
2.0%
CVE-2019-13026 CRITICAL Act Now

OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Injection via a crafted URL, leading to full access by an attacker. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Eshop
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2019-14313 CRITICAL PATCH Act Now

A SQL injection vulnerability exists in the 10Web Photo Gallery plugin before 1.5.31 for WordPress. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi WordPress PHP Photo Gallery
NVD
CVSS 3.1
9.8
EPSS
4.5%
CVE-2019-11202 CRITICAL PATCH Act Now

An issue was discovered that affects the following versions of Rancher: v2.0.0 through v2.0.13, v2.1.0 through v2.1.8, and v2.2.0 through 2.2.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Rancher
NVD
CVSS 3.0
9.8
EPSS
1.6%
CVE-2019-10141 CRITICAL PATCH Act Now

A vulnerability was found in openstack-ironic-inspector all versions excluding 5.0.2, 6.0.3, 7.2.4, 8.0.3 and 8.2.1. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi Denial Of Service Ironic Inspector Openstack
NVD
CVSS 3.0
9.1
EPSS
2.5%
CVE-2019-13635 CRITICAL PATCH Act Now

The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFastestCache.php and inc/cache.php Directory Traversal. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

PHP Path Traversal WordPress Wp Fastest Cache
NVD
CVSS 3.0
9.1
EPSS
44.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy