Skip to main content
CVE-2023-37266 CRITICAL POC PATCH Act Now

CasaOS is an open-source Personal Cloud system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Casaos
NVD GitHub
CVSS 3.1
9.8
EPSS
5.9%
CVE-2023-37265 CRITICAL POC PATCH Act Now

CasaOS is an open-source Personal Cloud system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Casaos Casaos Gateway
NVD GitHub
CVSS 3.1
9.8
EPSS
6.4%
CVE-2023-37461 CRITICAL POC Act Now

Metersphere is an opensource testing framework. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Metersphere
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-37791 CRITICAL POC THREAT Act Now

D-Link DIR-619L v2.04(TW) was discovered to contain a stack overflow via the curTime parameter at /goform/formLogin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
11.5%
CVE-2023-3186 CRITICAL POC Act Now

The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection WordPress Popup
NVD WPScan
CVSS 3.1
9.8
EPSS
1.4%
CVE-2023-3696 CRITICAL POC PATCH Act Now

Prototype Pollution in GitHub repository automattic/mongoose prior to 7.3.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Prototype Pollution Mongoose
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-3376 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Strategy Zekiweb allows SQL Injection. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-2963 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Oliva Expertise Oliva Expertise EKS allows SQL Injection.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-2958 CRITICAL Act Now

Authorization Bypass Through User-Controlled Key vulnerability in Origin Software ATS Pro allows Authentication Abuse, Authentication Bypass. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ats Pro
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2023-26512 CRITICAL Act Now

7.0\V1.8.0 on windows\linux\mac os e.g. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Microsoft Deserialization Eventmesh Connector Rabbitmq
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-3695 CRITICAL Act Now

A vulnerability classified as critical has been found in Campcodes Beauty Salon Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Beauty Salon Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy