Unrestricted file upload in the Multi Purpose Mail Form WordPress plugin (versions through 1.0.2) by Lindeni Mahlalela allows unauthenticated remote attackers to upload arbitrary files including web shells, yielding full server compromise. CVSS is 10.0 with scope change, and publicly available exploit code exists; EPSS sits at 1.14% (78th percentile), indicating moderate but not yet widespread automated exploitation interest.
langflow <=1.0.18 is vulnerable to Remote Code Execution (RCE) as any component provided the code functionality and the components run on the local machine rather than in a sandbox. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In agentscope <=v0.0.4, the file agentscope\web\workstation\workflow_utils.py has the function is_callable_expression. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Unrestricted file upload in the Helloprint WordPress plugin (versions through 2.0.4) allows remote unauthenticated attackers to upload web shells and achieve full server compromise. The CVSS 10.0 score reflects network-reachable, no-auth exploitation with scope change and full CIA impact, though no public exploit has been identified at time of analysis and EPSS remains modest at 1.23% (79th percentile).
Unrestricted file upload in the RSVPMaker for Toastmasters WordPress plugin (versions through 6.2.4) allows remote unauthenticated attackers to upload web shells and achieve full server compromise. The CVSS 10.0 score reflects scope change with complete confidentiality, integrity, and availability impact, though no public exploit identified at time of analysis and EPSS remains modest at 0.89% (75th percentile).
Unrestricted file upload in the Stacks Mobile App Builder WordPress plugin (versions up to and including 5.2.3) permits remote unauthenticated attackers to upload arbitrary files, including web shells, to vulnerable WordPress sites. The CVSS 10.0 score with a scope-changed vector reflects full compromise potential of the underlying web server, though no public exploit has been identified at time of analysis and the EPSS score of 0.89% (75th percentile) suggests no widespread exploitation observed yet.
Unrestricted file upload in the RainbowLink All Post Contact Form WordPress plugin (versions up to and including 1.8.2) allows remote unauthenticated attackers to upload web shells and achieve full server compromise. The CVSS 10.0 score with scope change (S:C) indicates the impact extends beyond the vulnerable component to the underlying WordPress host. No public exploit identified at time of analysis, and EPSS of 0.89% (75th percentile) suggests moderate but not yet widespread exploitation interest.
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer stars-smtp-mailer allows Upload a Web Shell to a Web Server.2.1. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Unrestricted Upload of File with Dangerous Type vulnerability in rudrainn Training - Courses training allows Upload a Web Shell to a Web Server.0.1. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes (Header, HeaderCollection and Authorize) are vulnerable to CRLF injection. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Command Injection.19. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Special Elements used in a Command ('Command Injection'), Improper Neutralization of Special Elements used in an. Rated critical severity (CVSS 9.2), this vulnerability is low attack complexity. No vendor patch available.
This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Session Fixation vulnerability in Apache Kylin.0.0 through 4.x. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.