Skip to main content
CVE-2024-2527 HIGH POC This Week

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-1685 HIGH This Week

The Social Media Share Buttons plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.1.0 via deserialization of untrusted input through the attachmentUrl. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Deserialization WordPress Information Disclosure Social Media Share Buttons
NVD VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-51474 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Pixelemu TerraClassifieds.0.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-2532 HIGH This Week

A vulnerability classified as critical was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-2531 HIGH This Week

A vulnerability classified as critical has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-2529 HIGH This Week

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-2528 HIGH This Week

A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-2524 HIGH This Week

A vulnerability, which was classified as critical, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-2516 HIGH This Week

A vulnerability, which was classified as critical, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi PHP Online College Event Hall Reservation System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-22259 HIGH PATCH This Week

Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF Java Open Redirect Spring Framework Active Iq Unified Manager
NVD
CVSS 3.1
8.1
EPSS
2.6%
CVE-2024-28640 HIGH This Week

Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Denial Of Service X5000r Firmware A7000r Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
14.2%
CVE-2024-28069 HIGH This Week

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct an information disclosure attack due to improper. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Micontact Center Business
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2024-27195 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in sverde1 Watermark RELOADED watermark-reloaded allows Cross Site Request Forgery.3.5. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD VulDB
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-27197 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS.9.8. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS CSRF
NVD
CVSS 3.1
7.1
EPSS
0.1%
CVE-2024-27194 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows Stored XSS.1.6. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google XSS CSRF Fontific
NVD
CVSS 3.1
7.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy