Skip to main content
CVE-2024-3523 HIGH POC This Week

A vulnerability classified as critical was found in Campcodes Online Event Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Event Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-3522 HIGH POC This Week

A vulnerability classified as critical has been found in Campcodes Online Event Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Event Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-29988 HIGH POC KEV PATCH THREAT This Week

SmartScreen Prompt Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Windows 10 1809 Windows 10 21h2 Windows 10 22h2 Windows 11 21H2 +5
NVD
CVSS 3.1
8.8
EPSS
45.2%
CVE-2024-3281 HIGH POC This Week

A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in CCX devices. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Poly Ccx 350 Poly Ccx 400 Poly Ccx 500 Poly Ccx 505 +2
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-31507 HIGH POC This Week

Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL Injection via the "request" parameter in admin/fetch_gendercs.php. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Graduate Tracer System
NVD GitHub
CVSS 3.1
8.6
EPSS
0.5%
CVE-2024-31506 HIGH POC This Week

Sourcecodester Online Graduate Tracer System v1.0 is vulnerable to SQL Injection via the "id" parameter in admin/admin_cs.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Online Graduate Tracer System
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-2344 HIGH POC This Week

SQL injection in the Avada theme for WordPress (versions up to and including 7.11.6) allows authenticated attackers with editor-level privileges or above to append arbitrary SQL queries via the 'entry' parameter and extract sensitive database contents. Publicly available exploit code exists, though EPSS places exploitation probability at 1.11% (78th percentile), indicating moderate but not widespread automated targeting. The flaw stems from insufficient input escaping and unprepared SQL statements in a widely-deployed commercial WordPress theme.

SQLi WordPress Avada
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2024-1974 HIGH PATCH This Week

The HT Mega - Absolute Addons For Elementor plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.6 via the render function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal WordPress Ht Mega
NVD VulDB
CVSS 3.1
8.8
EPSS
2.6%
CVE-2023-6999 HIGH This Week

The Pods - Custom Content Types and Fields plugin for WordPress is vulnerable to Remote Code Exxecution via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Command Injection Pods
NVD VulDB
CVSS 3.1
8.8
EPSS
1.2%
CVE-2024-2693 HIGH This Week

The Link Whisper Free plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.7.1 via deserialization of untrusted input of the 'mfn-page-items' post meta. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Deserialization WordPress Information Disclosure
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-1990 HIGH PATCH This Week

The RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to blind SQL Injection via the ‘id’ parameter of the RM_Form shortcode. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Registrationmagic
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-2341 HIGH PATCH This Week

The Appointment Booking Calendar - Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the keys parameter in all versions up to, and including, 1.6.7.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Simply Schedule Appointments
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2024-2018 HIGH This Week

The WP Activity Log Premium plugin for WordPress is vulnerable to SQL Injection via the entry->roles parameter in all versions up to, and including, 4.6.4 due to insufficient escaping on the user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress PHP Wp Activity Log
NVD VulDB
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-2342 HIGH PATCH This Week

The Appointment Booking Calendar - Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the customer_id parameter in all versions up to, and including,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Simply Schedule Appointments
NVD
CVSS 3.1
8.8
EPSS
0.5%
CVE-2024-1315 HIGH This Week

The Classified Listing - Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Classified Listing
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-6967 HIGH This Week

The Pods - Custom Content Types and Fields plugin for WordPress is vulnerable to SQL Injection via shortcode in all versions up to, and including, 3.0.10 (with the exception of 2.7.31.2, 2.8.23.2,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi WordPress Pods
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-1893 HIGH PATCH This Week

The Easy Property Listings plugin for WordPress is vulnerable to time-based SQL Injection via the ‘property_status’ shortcode attribute in all versions up to, and including, 3.5.2 due to insufficient. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

SQLi WordPress Easy Property Listings
NVD VulDB
CVSS 3.1
8.8
EPSS
0.4%
CVE-2024-1991 HIGH PATCH This Week

The RegistrationMagic - Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.

Authentication Bypass Privilege Escalation WordPress Registrationmagic
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-2125 HIGH This Week

The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload WordPress CSRF Envialosimple
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-29993 HIGH This Week

Azure CycleCloud Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Azure Cyclecloud
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2024-29985 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29984 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29983 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29982 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29053 HIGH PATCH This Week

Microsoft Defender for IoT Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Defender For Iot
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2024-29048 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29047 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Sql Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29046 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29044 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-29043 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Use After Free Microsoft RCE Memory Corruption Odbc Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28945 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Ole Db Driver For Sql Server Sql Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28944 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Microsoft Ole Db Driver For Sql Server Sql Server 2019 Sql Server 2022
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28943 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28942 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Ole Db Driver For Sql Server Sql Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28941 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28940 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28939 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Information Disclosure Microsoft Ole Db Driver For Sql Server Sql Server 2019 +1
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28938 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28937 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28936 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Odbc Driver For Sql Server Sql Server 2019 +3
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28935 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28934 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28933 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Odbc Driver For Sql Server Sql Server 2019 +3
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28932 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Odbc Driver For Sql Server +4
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28931 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Odbc Driver For Sql Server Sql Server 2019 +3
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28930 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Odbc Driver For Sql Server Sql Server 2019 +3
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28929 HIGH This Week

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow RCE Microsoft Sql Server 2019 Sql Server 2022 +3
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28927 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2024-28926 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2024-28915 HIGH This Week

Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow RCE Microsoft Ole Db Driver For Sql Server +2
NVD
CVSS 3.1
8.8
EPSS
2.2%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy