Skip to main content
CVE-2024-6273 MEDIUM POC This Month

A vulnerability was found in SourceCodester Clinic Queuing System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Clinic Queuing System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-6268 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP School Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-39331 CRITICAL PATCH Act Now

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

Code Injection RCE Emacs
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2024-6266 MEDIUM POC This Month

A vulnerability classified as critical has been found in Pear Admin Boot up to 2.0.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Pear Admin Boot
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6269 MEDIUM POC THREAT This Month

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Rg Uac Firmware
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
20.6%
CVE-2024-6267 MEDIUM POC This Month

A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Service Provider Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.5%
CVE-2024-4841 LOW POC Monitor

A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Lollms Webui
NVD
CVSS 3.1
3.3
EPSS
0.7%
CVE-2024-39334 MEDIUM This Month

MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization
NVD
CVSS 3.1
6.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy