Skip to main content
CVE-2024-10131 HIGH POC This Week

The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote code execution (RCE) vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Ragflow
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-21536 HIGH POC PATCH This Week

Versions of the package http-proxy-middleware before 2.0.7, from 3.0.0 and before 3.0.3 are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js Denial Of Service Http Proxy Middleware
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2024-10158 MEDIUM POC This Month

A vulnerability classified as problematic has been found in PHPGurukul Boat Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Session Fixation Information Disclosure Boat Booking System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-10157 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Boat Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Boat Booking System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-10156 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Boat Booking System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Boat Booking System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-10141 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in jsbroks COCO Annotator 0.11.1. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Coco Annotator
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.8%
CVE-2024-10155 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Boat Booking System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Boat Booking System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-10154 MEDIUM POC This Month

A vulnerability was found in PHPGurukul Boat Booking System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Boat Booking System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-10153 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul Boat Booking System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Boat Booking System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.6%
CVE-2024-10142 MEDIUM POC This Month

A vulnerability has been found in code-projects Blood Bank System 1.0 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Blood Bank System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-10140 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in code-projects Pharmacy Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pharmacy Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
1.3%
CVE-2024-10139 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Pharmacy Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pharmacy Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10138 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pharmacy Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10137 MEDIUM POC This Month

A vulnerability was found in code-projects Pharmacy Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pharmacy Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10136 MEDIUM POC This Month

A vulnerability was found in code-projects Pharmacy Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Pharmacy Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10135 MEDIUM POC This Month

A vulnerability was found in ESAFENET CDG 5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cdg
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10134 MEDIUM POC This Month

A vulnerability was found in ESAFENET CDG 5 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cdg
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-10133 MEDIUM POC This Month

A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cdg
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-9219 MEDIUM PATCH This Month

The WordPress Social Share Buttons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Social Share Buttons
NVD
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-9897 MEDIUM PATCH This Month

The StreamWeasels Twitch Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-twitch-embed shortcode in all versions up to, and including, 1.8.6 due to. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Twitch Integration
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-9889 MEDIUM PATCH This Month

The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.9 via the Page Loader widget. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

WordPress Information Disclosure Elementinvader Addons For Elementor
NVD
CVSS 3.1
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy