Skip to main content
CVE-2023-1947 CRITICAL POC Act Now

A vulnerability was found in taoCMS 3.0.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection PHP Taocms
NVD VulDB
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27033 CRITICAL POC Act Now

Prestashop cdesigner v3.1.3 to v3.1.8 was discovered to contain a code injection vulnerability via the component CdesignerSaverotateModuleFrontController::initContent(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Cdesigner
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1942 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Online Computer And Laptop Store
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-1941 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in SourceCodester Simple and Beautiful Shopping Cart System 1.0.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple And Beautiful Shopping Cart System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-29478 CRITICAL POC Act Now

BiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Path Traversal Bibliocraft
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-26978 CRITICAL POC Act Now

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pppoeAcName parameter at /setting/setWanIeCfg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-26848 CRITICAL POC Act Now

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the org parameter at setting/delStaticDhcpRules. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection A7100Ru Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2023-27021 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the formSetFirewallCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27020 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the saveParentControlInfo function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27019 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_458FBC function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27018 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45EC1C function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27017 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_45DC58 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27016 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the R7WebsSecurityHandler function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27015 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_4A75C0 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27014 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the sub_46AC38 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27013 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-27012 CRITICAL POC Act Now

Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the setSchedWifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-24797 CRITICAL POC Act Now

D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-1940 CRITICAL POC Act Now

A vulnerability classified as critical was found in SourceCodester Simple and Beautiful Shopping Cart System 1.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple And Beautiful Shopping Cart System
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.6%
CVE-2023-28706 CRITICAL PATCH Act Now

Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider.0.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Code Injection Apache Airflow Hive Provider
NVD GitHub
CVSS 3.1
9.8
EPSS
2.8%
CVE-2023-25220 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-25219 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromDhcpListClient function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25218 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the form_fast_setting_wifi_set function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-25217 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formWifiBasicSet function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25216 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the formSetFirewallCfg function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25215 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the saveParentControlInfo function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25214 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the setSchedWifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25213 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25212 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25211 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-25210 CRITICAL Act Now

Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Tenda Memory Corruption +1
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-24800 CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-24799 CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-24798 CRITICAL Act Now

D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service RCE Memory Corruption D-Link +1
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy