Skip to main content
CVE-2024-24300 CRITICAL POC Act Now

4ipnet EAP-767 v3.42.00 is vulnerable to Incorrect Access Control. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Eap 767 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25223 CRITICAL POC Act Now

Simple Admin Panel App v1.0 was discovered to contain a SQL injection vulnerability via the orderID parameter at /adminView/viewEachOrder.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Admin Panel
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-25222 CRITICAL POC Act Now

Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Task Manager
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-25220 CRITICAL POC Act Now

Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the taskID parameter at /TaskManager/EditTask.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Task Manager
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-25217 CRITICAL POC Act Now

Online Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /omos/?p=products/view_product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Medicine Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-25216 CRITICAL POC Act Now

Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the mailud parameter at /aprocess.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Employee Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-25215 CRITICAL POC Act Now

Employee Managment System v1.0 was discovered to contain a SQL injection vulnerability via the pwd parameter at /aprocess.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Employee Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-25214 CRITICAL POC Act Now

An issue in Employee Managment System v1.0 allows attackers to bypass authentication via injecting a crafted payload into the E-mail and Password parameters at /alogin.html. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Employee Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-25211 CRITICAL POC Act Now

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the category parameter at /endpoint/delete_category.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Expense Tracker App
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25210 CRITICAL POC Act Now

Simple Expense Tracker v1.0 was discovered to contain a SQL injection vulnerability via the expense parameter at /endpoint/delete_expense.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Expense Tracker App
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25209 CRITICAL POC Act Now

Barangay Population Monitoring System 1.0 was discovered to contain a SQL injection vulnerability via the resident parameter at /endpoint/delete-resident.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Barangay Population Monitoring System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-6441 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in UNI-PA University Marketing & Computer Internet Trade Inc. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi University Information System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2024-24691 CRITICAL Act Now

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an escalation of privilege via. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Meeting Software Development Kit Rooms Vdi Windows Meeting Clients +1
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2024-23786 CRITICAL Act Now

Cross-site scripting vulnerability in Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows a network-adjacent unauthenticated attacker to execute an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Jh Rvb1 Firmware Jh Rv11 Firmware
NVD
CVSS 3.1
9.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy