Skip to main content
CVE-2024-33959 HIGH This Week

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Credit Card Debit Card Payment Paypal +2
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33958 HIGH This Week

SQL injection vulnerability in E-Negosyo System affecting version 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Young Entrepreneur E Negosyo System
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-33957 HIGH This Week

SQL injection vulnerability in E-Negosyo System affecting version 1.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP Young Entrepreneur E Negosyo System
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-41995 HIGH This Week

Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver.12.89 and earlier. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2024-28962 HIGH This Week

Dell Command | Update, Dell Update, and Alienware Update UWP, versions prior to 5.4, contain an Exposed Dangerous Method or Function vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Denial Of Service Alienware Update Command Update Update
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-7485 HIGH This Week

The Traffic Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'page' parameter in the 'UserWebStat' AJAX function in all versions up to, and including, 1.4.5 due to. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
0.4%
CVE-2024-7484 HIGH PATCH This Week

The CRM Perks Forms plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'handle_uploaded_files' function in versions up to, and including, 1.1.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.

RCE WordPress File Upload Crm Perks Forms
NVD
CVSS 3.1
7.2
EPSS
0.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy