Skip to main content
CVE-2023-24258 CRITICAL POC Act Now

SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi Spip
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-25234 CRITICAL POC THREAT Act Now

Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac500 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
16.6%
CVE-2023-25233 CRITICAL POC Act Now

Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda Ac500 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-25231 CRITICAL POC Act Now

Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tenda W30e Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-23156 CRITICAL POC Act Now

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Art Gallery Management System
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
3.7%
CVE-2023-23155 CRITICAL POC Act Now

Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Art Gallery Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-23080 CRITICAL POC Act Now

Certain Tenda products are vulnerable to command injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda It7 Lcs Firmware It7 Pcs Firmware It7 Prs Firmware +2
NVD GitHub
CVSS 3.1
9.8
EPSS
2.5%
CVE-2023-24206 CRITICAL POC Act Now

Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Davinci
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-23513 CRITICAL Act Now

A buffer overflow issue was addressed with improved memory handling. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Apple macOS
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2023-24253 CRITICAL Act Now

Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Ikon Server
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1054 CRITICAL Act Now

A vulnerability was found in SourceCodester Music Gallery Site 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Music Gallery Site
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-1053 CRITICAL Act Now

A vulnerability was found in SourceCodester Music Gallery Site 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Music Gallery Site
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy