Skip to main content
CVE-2023-1301 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Friendly Island Pizza Website And Ordering System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1300 CRITICAL POC Act Now

A vulnerability classified as critical was found in SourceCodester COVID 19 Testing Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Covid 19 Testing Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27214 CRITICAL POC Act Now

Online Student Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the fromdate and todate parameters at /eduauth/student/between-date-reprtsdetails.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Student Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27213 CRITICAL POC Act Now

Online Student Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter at /eduauth/student/search.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Student Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27210 CRITICAL POC Act Now

Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/view_order.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Pizza Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-27207 CRITICAL POC Act Now

Online Pizza Ordering System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/manage_user.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Pizza Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-27205 CRITICAL POC Act Now

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the month parameter at /kruxton/sales_report.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Pos Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27204 CRITICAL POC Act Now

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/manage_user.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Pos Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27203 CRITICAL POC Act Now

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /billing/home.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Pos Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-27202 CRITICAL POC Act Now

Best POS Management System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /kruxton/receipt.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Best Pos Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1294 CRITICAL POC Act Now

A vulnerability was found in SourceCodester File Tracker Manager System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi File Tracker Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1292 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Sales Tracker Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Sales Tracker Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1291 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Sales Tracker Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Sales Tracker Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1290 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Sales Tracker Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Sales Tracker Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-26110 CRITICAL POC Act Now

All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Node Bluetooth
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-26109 CRITICAL POC Act Now

All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Node Bluetooth Serial Port
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-26957 CRITICAL POC Act Now

onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \admin\controller\plugins. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Onekeyadmin
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%
CVE-2023-1251 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akinsoft Wolvox.02.03. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Wolvox
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2023-1303 CRITICAL Act Now

A vulnerability was found in UCMS 1.6 and classified as critical.php of the component System File Management Module. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP Ucms
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1287 CRITICAL Act Now

An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Enovia Live Collaboration
NVD
CVSS 3.1
9.8
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy