Skip to main content
CVE-2021-41646 CRITICAL POC Act Now

Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP RCE Online Reviewer System
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
3.7%
CVE-2021-41644 CRITICAL POC Act Now

Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Online Food Ordering System
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2021-41643 CRITICAL POC Act Now

Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload Church Management System
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
4.5%
CVE-2021-41676 CRITICAL POC Act Now

An SQL Injection vulnerabilty exists in the oretnom23 Pharmacy Point of Sale System 1.0 in the login function in actions.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pharmacy Point Of Sale System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-41674 CRITICAL POC Act Now

An SQL Injection vulnerability exists in Sourcecodester E-Negosyo System 1.0 via the user_email parameter in /admin/login.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP E Negosyo System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-3756 CRITICAL POC PATCH Act Now

libmysofa is vulnerable to Heap-based Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Heap Overflow Libmysofa Fedora
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy