Skip to main content
CVE-2023-33386 CRITICAL POC Act Now

MarsCTF 1.2.1 has an arbitrary file upload vulnerability in the interface for uploading attachments in the background. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Marsctf
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-3100 CRITICAL POC Act Now

A vulnerability, which was classified as critical, has been found in IBOS 4.5.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Ibos
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-3065 CRITICAL POC Act Now

Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows Authentication Bypass.3.20. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Amxgt 100
NVD
CVSS 3.1
9.1
EPSS
0.8%
CVE-2023-29631 CRITICAL Act Now

PrestaShop jmsslider 1.6.0 is vulnerable to Incorrect Access Control via ajax_jmsslider.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload PHP Jms Slider
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-29630 CRITICAL Act Now

PrestaShop jmsmegamenu 1.1.x and 2.0.x is vulnerable to SQL Injection via ajax_jmsmegamenu.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Jms Drop Mega Menu
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-29629 CRITICAL Act Now

PrestaShop jmsthemelayout 2.5.5 is vulnerable to SQL Injection via ajax_jmsvermegamenu.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Jmsthemelayout
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-0636 CRITICAL Act Now

Improper Input Validation vulnerability in ABB Ltd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Abb Command Injection Aspect Ent 2 Firmware Aspect Ent 12 Firmware Aspect Ent 256 Firmware +16
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-0635 CRITICAL Act Now

Improper Privilege Management vulnerability in ABB Ltd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Abb Aspect Ent 2 Firmware Aspect Ent 12 Firmware Aspect Ent 256 Firmware +16
NVD
CVSS 3.1
9.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy