Skip to main content
CVE-2023-6619 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Student Attendance System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-6617 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple Student Attendance System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Student Attendance System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-6612 CRITICAL POC THREAT Act Now

A vulnerability was found in Totolink X5000R 9.1.0cu.2300_B20230112. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X5000r Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
30.7%
CVE-2023-49443 CRITICAL POC Act Now

DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Doracms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-49007 CRITICAL POC Act Now

In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Netgear Rbr750 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
9.0%
CVE-2023-48929 CRITICAL POC Act Now

Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Session Fixation System Sentinel Anyware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-5008 CRITICAL POC Act Now

Student Information System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'regno' parameter of index.php page, allowing an external attacker to dump all the contents of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Information System
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2023-46498 CRITICAL PATCH Act Now

An issue in EverShop NPM versions before v.1.0.0-rc.8 allows a remote attacker to obtain sensitive information and execute arbitrary code via the /deleteCustomer/route.json file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Node.js RCE Evershop
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2023-48423 CRITICAL Act Now

In dhcp4_SetPDNAddress of dhcp4_Main.c, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Android
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-43742 CRITICAL Act Now

An authentication bypass in Zultys MX-SE, MX-SE II, MX-E, MX-Virtual, MX250, and MX30 with firmware versions prior to 17.0.10 patch 17161 and 16.04 patch 16109 allows an unauthenticated attacker to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Mx Se Firmware Mx Se Ii Firmware Mx E Firmware +3
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy