Skip to main content
CVE-2020-24841 CRITICAL POC Act Now

PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Pnpscada
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
1.8%
CVE-2021-27104 CRITICAL KEV THREAT Act Now

Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Fta
NVD GitHub
CVSS 3.1
9.8
EPSS
56.4%
CVE-2021-27103 CRITICAL KEV THREAT Act Now

Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Fta
NVD GitHub
CVSS 3.1
9.8
EPSS
11.3%
CVE-2021-27101 CRITICAL KEV THREAT Act Now

Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Fta
NVD GitHub
CVSS 3.1
9.8
EPSS
6.0%
CVE-2021-25648 CRITICAL Act Now

Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Testes De Codigo
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2021-27236 CRITICAL Act Now

An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Voice
NVD
CVSS 3.1
9.8
EPSS
2.1%
CVE-2021-27234 CRITICAL Act Now

An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Voice
NVD
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy