Skip to main content
CVE-2024-2147 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Mobile Store Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-2148 HIGH POC This Week

A vulnerability classified as critical has been found in SourceCodester Online Mobile Management Store 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Online Mobile Store Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-2149 HIGH POC This Week

A vulnerability classified as critical was found in CodeAstro Membership Management System 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Membership Management System
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.6%
CVE-2024-0765 MEDIUM POC PATCH This Month

As a default user on a multi-user instance of AnythingLLM, you could execute a call to the `/export-data` endpoint of the system and then unzip and read that export that would enable you do. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Anythingllm
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-2134 MEDIUM POC This Month

A vulnerability has been found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Hospital Automanager
NVD VulDB
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-2146 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Online Mobile Store Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-2145 MEDIUM POC This Month

A vulnerability was found in SourceCodester Online Mobile Management Store 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Mobile Store Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-2135 MEDIUM POC This Month

A vulnerability was found in Bdtask Hospita AutoManager up to 20240223 and classified as problematic. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hospital Automanager
NVD VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-25847 CRITICAL Act Now

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation SQLi Product Catalog Csv Excel Import
NVD GitHub
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-24302 CRITICAL Act Now

An issue was discovered in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to execute arbitrary code, escalate privileges, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization RCE Product Designer
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-26469 HIGH This Week

Server-Side Request Forgery (SSRF) vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows remote attackers to cause a denial of service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF CSRF Denial Of Service Product Designer
NVD GitHub
CVSS 3.1
8.1
EPSS
0.3%
CVE-2024-28084 HIGH This Week

p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Inet Wireless Daemon Fedora
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-27255 HIGH This Week

IBM MQ Operator 2.0.0 LTS, 2.0.18 LTS, 3.0.0 CD, 3.0.1 CD, 2.4.0 through 2.4.7, 2.3.0 through 2.3.3, 2.2.0 through 2.2.2, and 2.3.0 through 2.3.3 uses weaker than expected cryptographic algorithms. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Mq Operator
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-25842 HIGH This Week

An issue was discovered in Presta World "Account Manager - Sales Representative & Dealers - CRM" (prestasalesmanager) module for PrestaShop before version 9.0, allows remote attackers to escalate. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Account Manager
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-25839 HIGH PATCH This Week

An issue was discovered in Webbax "Super Newsletter" (supernewsletter) module for PrestaShop versions 1.4.21 and before, allows local attackers to escalate privileges and obtain sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Super Newsletter
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-25844 HIGH This Week

An issue was discovered in Common-Services "So Flexibilite" (soflexibilite) module for PrestaShop before version 4.1.26, allows remote attackers to escalate privileges and obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure So Flexibilite
NVD GitHub
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-24307 HIGH This Week

Path Traversal vulnerability in Tunis Soft "Product Designer" (productdesigner) module for PrestaShop before version 1.178.36, allows a remote attacker to escalate privileges and obtain sensitive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Product Designer
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-25016 HIGH This Week

IBM MQ and IBM MQ Appliance 9.0, 9.1, 9.2, 9.3 LTS and 9.3 CD could allow a remote unauthenticated attacker to cause a denial of service due to incorrect buffering logic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Denial Of Service Mq Mq Appliance
NVD
CVSS 3.1
7.5
EPSS
0.8%
CVE-2024-25551 MEDIUM This Month

Cross Site Scripting (XSS) vulnerability in sourcecodester Simple Student Attendance System v1.0 allows attackers to execute arbitrary code via crafted GET request to web application URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS Simple Student Attendance System
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-22355 MEDIUM This Month

IBM QRadar Suite Products 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 does not require that users should have strong passwords by default, which makes it. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Brute Force Information Disclosure Cloud Pak For Security Qradar Suite
NVD
CVSS 3.1
5.9
EPSS
0.4%
CVE-2024-2150 MEDIUM This Month

A vulnerability, which was classified as critical, has been found in SourceCodester Insurance Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Insurance Management System
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.6%
CVE-2024-2133 LOW Monitor

A vulnerability, which was classified as problematic, was found in Bdtask Isshue Multi Store eCommerce Shopping Cart Solution 4.0. Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 3.1
2.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy