Skip to main content
CVE-2023-23279 CRITICAL POC Act Now

Canteen Management System 1.0 is vulnerable to SQL Injection via /php_action/getOrderReport.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Canteen Management System
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-24221 CRITICAL POC Act Now

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/DeptMapper.xml. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Luckyframeweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-24220 CRITICAL POC Act Now

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/RoleMapper.xml. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Luckyframeweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-24219 CRITICAL POC Act Now

LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Luckyframeweb
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-23064 CRITICAL Act Now

TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass A720R Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-0883 CRITICAL Act Now

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Pizza Ordering System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy