Skip to main content
CVE-2023-1740 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Air Cargo Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Air Cargo Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-25076 CRITICAL POC PATCH THREAT Act Now

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Sniproxy
NVD GitHub
CVSS 3.1
9.8
EPSS
65.5%
CVE-2023-28731 CRITICAL POC Act Now

AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE File Upload PHP Microsoft Acymailing
NVD
CVSS 3.1
9.8
EPSS
1.8%
CVE-2023-1712 CRITICAL POC PATCH Act Now

Use of Hard-coded, Security-relevant Constants in GitHub repository deepset-ai/haystack prior to 0.1.30. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Haystack
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1725 CRITICAL Act Now

Server-Side Request Forgery (SSRF) vulnerability in Infoline Project Management System allows Server Side Request Forgery.09.31.125. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Project Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.3%
CVE-2023-1741 CRITICAL Act Now

A vulnerability was found in jeecg-boot 3.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java SQLi Jeecg Boot
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-1739 CRITICAL Act Now

A vulnerability was found in SourceCodester Simple and Beautiful Shopping Cart System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP Simple And Beautiful Shopping Cart System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-1738 CRITICAL Act Now

A vulnerability has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Young Entrepreneur E Negosyo System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-28462 CRITICAL PATCH Act Now

A JNDI rebind operation in the default ORB listener in Payara Server 4.1.2.191 (Enterprise), 5.20.0 and newer (Enterprise), and 5.2020.1 and newer (Community), when Java 1.8u181 and earlier is used,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Deserialization Payara Server
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1737 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Young Entrepreneur E Negosyo System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1735 CRITICAL Act Now

A vulnerability classified as critical was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Young Entrepreneur E Negosyo System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-1734 CRITICAL Act Now

A vulnerability classified as critical has been found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP Young Entrepreneur E Negosyo System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2023-1699 CRITICAL Act Now

Rapid7 Nexpose versions 6.6.186 and below suffer from a forced browsing vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nexpose
NVD
CVSS 3.1
9.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy