Skip to main content
CVE-2024-45169 CRITICAL POC Act Now

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE Idol2
NVD
CVSS 3.1
9.8
EPSS
1.4%
CVE-2024-45167 CRITICAL POC Act Now

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE Idol2
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2024-45166 CRITICAL POC Act Now

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Deserialization RCE Denial Of Service Idol2
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-42773 CRITICAL POC Act Now

An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Hotel Management System
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-42775 CRITICAL POC Act Now

An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to add the valid hotel room. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Hotel Management System
NVD GitHub
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-45168 CRITICAL POC Act Now

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Idol2
NVD
CVSS 3.1
9.1
EPSS
0.7%
CVE-2024-36445 CRITICAL Act Now

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-43331 CRITICAL Act Now

Missing Authorization vulnerability in VeronaLabs WP SMS.9.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wp Sms
NVD
CVSS 3.1
9.8
EPSS
0.4%
CVE-2024-36439 CRITICAL Act Now

Swissphone DiCal-RED 4009 devices allow a remote attacker to gain access to the administrative web interface via the device password's hash value, without knowing the actual device password. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation
NVD
CVSS 3.1
9.4
EPSS
0.9%
CVE-2024-45163 CRITICAL Act Now

The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command and control) server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service
NVD VulDB
CVSS 3.1
9.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy