Skip to main content
CVE-2024-1832 CRITICAL POC Act Now

A vulnerability has been found in SourceCodester Complete File Management System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Complete File Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-1831 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Complete File Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Complete File Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-1830 CRITICAL POC Act Now

A vulnerability was found in code-projects Library System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Library System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-1829 CRITICAL POC Act Now

A vulnerability was found in code-projects Library System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Library System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-1828 CRITICAL POC Act Now

A vulnerability was found in code-projects Library System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Library System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-1827 CRITICAL POC Act Now

A vulnerability was found in code-projects Library System 1.0 and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Library System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-1783 CRITICAL POC Act Now

A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130/9.3.5u.6698_B20230810. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Stack Overflow Lr1200Gb Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.0%
CVE-2024-1781 CRITICAL POC THREAT Act Now

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection X6000r Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
14.7%
CVE-2024-27133 CRITICAL POC PATCH Act Now

Insufficient sanitization in MLflow leads to XSS when running a recipe that uses an untrusted dataset. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Mlflow
NVD GitHub
CVSS 3.1
9.6
EPSS
0.7%
CVE-2024-27132 CRITICAL POC PATCH Act Now

Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Mlflow
NVD GitHub
CVSS 3.1
9.6
EPSS
0.9%
CVE-2024-24681 CRITICAL Act Now

An issue was discovered in Yealink Configuration Encrypt Tool (AES version) and Yealink Configuration Encrypt Tool (RSA version before 1.2). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Configuration Encryption Tool
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-22988 CRITICAL Act Now

ZKteco ZKBio WDMS before 9.0.2 Build 20250526 allows an attacker to download a database backup via the /files/backup/ component because the filename is based on a predictable timestamp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Code Injection RCE Zkbio Wdms
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25730 CRITICAL Act Now

Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy (only about one million. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Coda 4582U Firmware Coda 4589 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-1826 CRITICAL Act Now

A vulnerability has been found in code-projects Library System 1.0 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Library System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-1824 CRITICAL Act Now

A vulnerability, which was classified as critical, has been found in CodeAstro House Rental Management System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP House Rental Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-1820 CRITICAL Act Now

A vulnerability was found in code-projects Crime Reporting System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Crime Reporting System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-1817 CRITICAL Act Now

A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Dm Enterprise Website Building System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-25928 CRITICAL Act Now

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sitepact.0.5. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Contact Form 7 Extension For Klaviyo
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-27319 CRITICAL PATCH Act Now

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Information Disclosure Onnx Fedora
NVD GitHub
CVSS 3.1
9.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy