Skip to main content
CVE-2024-2317 CRITICAL POC Act Now

A vulnerability was found in Bdtask Hospital AutoManager up to 20240227 and classified as problematic. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Hospital Automanager
NVD VulDB
CVSS 3.1
9.1
EPSS
0.8%
CVE-2024-21899 CRITICAL POC THREAT Act Now

An improper authentication vulnerability has been reported to affect several QNAP operating system versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qnap Qts Quts Hero Qutscloud
NVD
CVSS 3.1
9.8
EPSS
24.4%
CVE-2024-2283 CRITICAL Act Now

A vulnerability classified as critical has been found in boyiddha Automated-Mess-Management-System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Automated Mess Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-2282 CRITICAL Act Now

A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Automated Mess Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-2281 CRITICAL Act Now

A vulnerability was found in boyiddha Automated-Mess-Management-System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Automated Mess Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-25849 CRITICAL PATCH Act Now

In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer()` and `MakeOffers::addUserOffer()` . Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Make An Offer Offer Your Price
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-25845 CRITICAL PATCH Act Now

In the module "CD Custom Fields 4 Orders" (cdcustomfields4orders) <= 1.0.0 from Cleanpresta.com for PrestaShop, a guest can perform SQL injection in affected versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Cd Custom Fields 4 Orders
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-2272 CRITICAL Act Now

A vulnerability classified as critical was found in keerti1924 Online-Book-Store-Website 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Online Bookstore Website
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2024-2271 CRITICAL Act Now

A vulnerability classified as critical has been found in keerti1924 Online-Book-Store-Website 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Online Bookstore Website
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy