Skip to main content
CVE-2023-49681 CRITICAL POC Act Now

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Job Portal
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-49677 CRITICAL POC Act Now

Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Job Portal
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48722 CRITICAL POC Act Now

Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Result Management System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48720 CRITICAL POC Act Now

Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Result Management System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48718 CRITICAL POC Act Now

Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Result Management System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48716 CRITICAL POC Act Now

Student Result Management System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Student Result Management System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48689 CRITICAL POC Act Now

Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Railway Reservation System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48687 CRITICAL POC Act Now

Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Railway Reservation System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-48685 CRITICAL POC Act Now

Railway Reservation System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Railway Reservation System
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-7039 CRITICAL POC THREAT Act Now

A vulnerability classified as critical has been found in Byzoro S210 up to 20231210. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Smart S210 Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
14.2%
CVE-2023-7023 CRITICAL POC Act Now

A vulnerability was found in Tongda OA 2017 up to 11.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-7022 CRITICAL POC Act Now

A vulnerability was found in Tongda OA 2017 up to 11.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-7021 CRITICAL POC Act Now

A vulnerability was found in Tongda OA 2017 up to 11.9. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-7020 CRITICAL POC Act Now

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Office Anywhere
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-29486 CRITICAL POC Act Now

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows attackers to bypass USB access restrictions, execute arbitrary code, and obtain sensitive information. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Denial Of Service Microsoft Thor
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-29485 CRITICAL POC Act Now

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to bypass network filtering, execute arbitrary code, and obtain. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Microsoft Apple Authentication Bypass Thor
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-49032 CRITICAL POC Act Now

An issue in LTB Self Service Password before v.1.5.4 allows a remote attacker to execute arbitrary code and obtain sensitive information via hijack of the SMS verification code function to arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Self Service Password
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2023-50475 CRITICAL POC Act Now

An issue was discovered in bcoin-org bcoin version 2.2.0, allows remote attackers to obtain sensitive information via weak hashing algorithms in the component \vendor\faye-websocket.js. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bcoin
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2023-29487 CRITICAL POC Act Now

An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and before on macOS, allows attackers to cause a denial of service (DoS) via the Threat To Process. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Apple Microsoft Thor
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2023-49778 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.6. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Sayfa Sayac
NVD
CVSS 3.1
10.0
EPSS
0.6%
CVE-2023-6145 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in İstanbul Soft Informatics and Consultancy Limited Company Softomi Advanced C2C Marketplace. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Advanced C2C Marketplace Software
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-51052 CRITICAL Act Now

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_formauth parameter at /admin/ajax.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi S Cms
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-51051 CRITICAL Act Now

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_textauth parameter at /admin/ajax.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi S Cms
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-51050 CRITICAL Act Now

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_productauth parameter at /admin/ajax.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi S Cms
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-51049 CRITICAL Act Now

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_bbsauth parameter at /admin/ajax.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi S Cms
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-51048 CRITICAL Act Now

S-CMS v5.0 was discovered to contain a SQL injection vulnerability via the A_newsauth parameter at /admin/ajax.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi S Cms
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2023-32242 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in xtemos WoodMart - Multipurpose WooCommerce Theme.0.36. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Deserialization Woodmart
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-51656 CRITICAL PATCH Act Now

Deserialization of Untrusted Data vulnerability in Apache IoTDB.13.0 through 0.13.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Deserialization Iotdb
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2023-50477 CRITICAL Act Now

An issue was discovered in nos client version 0.6.6, allows remote attackers to escalate privileges via getRPCEndpoint.js. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Nos Client
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-51655 CRITICAL Act Now

In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode via a malicious plugin repository specified in the project configuration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Intellij Idea
NVD
CVSS 3.1
9.8
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy