Skip to main content
CVE-2023-51812 CRITICAL POC Act Now

Tenda AX3 v16.03.12.11 was discovered to contain a remote code execution (RCE) vulnerability via the list parameter at /goform/SetNetControlList. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Tenda RCE Ax3 Firmware
NVD
CVSS 3.1
9.8
EPSS
2.6%
CVE-2023-51154 CRITICAL POC Act Now

Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the component /admin/c/PluginsController.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Information Disclosure Jizhicms
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49666 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50752 CRITICAL POC Act Now

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Notice Board System
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50867 CRITICAL POC Act Now

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Travel Website
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50866 CRITICAL POC Act Now

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Travel Website
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50865 CRITICAL POC Act Now

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Travel Website
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50864 CRITICAL POC Act Now

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Travel Website
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50863 CRITICAL POC Act Now

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Travel Website
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50862 CRITICAL POC Act Now

Travel Website v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Travel Website
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50753 CRITICAL POC Act Now

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Notice Board System
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-50743 CRITICAL POC Act Now

Online Notice Board System v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Notice Board System
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49658 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49625 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49665 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49639 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49633 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49624 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2023-49622 CRITICAL POC Act Now

Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Billing Software
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2024-22051 CRITICAL PATCH Act Now

CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Buffer Overflow RCE Cmark Gfm Commonmarker
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
7.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy