Skip to main content
CVE-2023-30194 CRITICAL POC THREAT Act Now

Prestashop posstaticfooter <= 1.0.0 is vulnerable to SQL Injection via posstaticfooter::getPosCurrentHook(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Poststaticfooter
NVD
CVSS 3.1
9.8
EPSS
32.4%
CVE-2023-31471 CRITICAL POC Act Now

An issue was discovered on GL.iNet devices before 3.216. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gl S20 Firmware Gl X3000 Firmware Gl Mt3000 Firmware Gl Mt2500 Firmware +28
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2023-2619 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours Travels Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-30354 CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 does not defend against physical access to U-Boot via the UART: the Wi-Fi password is shown, and the hardcoded boot password can be. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.4%
CVE-2023-30353 CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code execution via an XML document. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-30352 CRITICAL Act Now

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 was discovered to contain a hard-coded default password for the RTSP feed. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tenda Cp3 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-32569 CRITICAL Act Now

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2.800 and 8.x before 8.0.410. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SQLi Infoscale Operations Manager
NVD
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy