Skip to main content
CVE-2023-43654 CRITICAL POC PATCH THREAT Act Now

TorchServe is a tool for serving and scaling PyTorch models in production. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Information Disclosure Torchserve
NVD GitHub
CVSS 3.1
9.8
EPSS
35.3%
CVE-2023-44166 CRITICAL POC Act Now

The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Movie Ticket Booking System
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-44164 CRITICAL POC Act Now

The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Movie Ticket Booking System
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-44163 CRITICAL POC Act Now

The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Movie Ticket Booking System
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-43739 CRITICAL POC Act Now

The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Book Store Project
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5053 CRITICAL POC Act Now

Hospital management system version 378c157 allows to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Hospital Management System In Php
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-5004 CRITICAL POC Act Now

Hospital management system version 378c157 allows to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Hospital Management System In Php
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-43013 CRITICAL POC Act Now

Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attacker to dump all the contents of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Asset Management System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-30415 CRITICAL POC Act Now

Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/view_inquiry.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Packers And Movers Management System
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-43869 CRITICAL POC Act Now

D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow D-Link Dir 619l Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-38870 CRITICAL POC Act Now

A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Economizzer
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-44273 CRITICAL PATCH Act Now

Consensys gnark-crypto through 0.11.2 allows Signature Malleability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Gnark Crypto
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy