Skip to main content
CVE-2021-37358 CRITICAL POC Act Now

SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component "admin_ajax.php?action=checkrepeat&v_name=". Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP RCE Seacms
NVD GitHub
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-21825 CRITICAL POC Act Now

A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Heap Overflow RCE Xmill
NVD
CVSS 3.1
9.8
EPSS
2.3%
CVE-2021-32588 CRITICAL Act Now

A use of hard-coded credentials (CWE-798) vulnerability in FortiPortal versions 5.2.5 and below, 5.3.5 and below, 6.0.4 and below, versions 5.1.x and 5.0.x may allow a remote and unauthenticated. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Tomcat Authentication Bypass Fortiportal
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2021-34730 CRITICAL Act Now

A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Cisco Stack Overflow Denial Of Service +5
NVD
CVSS 3.1
9.8
EPSS
13.6%
CVE-2021-37608 CRITICAL PATCH Act Now

Unrestricted Upload of File with Dangerous Type vulnerability in Apache OFBiz allows an attacker to execute remote commands.12.07 and prior versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

Apache Atlassian File Upload Ofbiz
NVD
CVSS 3.1
9.8
EPSS
6.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy