Skip to main content
CVE-2024-54907 HIGH POC This Week

TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE A3002r Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
1.1%
CVE-2024-12908 HIGH POC This Week

Delinea addressed a reported case on Secret Server v11.7.31 (protocol handler version 6.0.3.26) where, within the protocol handler function, URI's were compared before normalization and. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Code Injection RCE Secret Server
NVD
CVSS 3.1
8.3
EPSS
0.7%
CVE-2024-12969 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in code-projects Hospital Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hospital Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12968 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12967 MEDIUM POC This Month

A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12966 MEDIUM POC This Month

A vulnerability was found in code-projects Job Recruitment 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12965 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12964 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Daily College Class Work Report Book 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Daily College Class Work Report Book
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-12963 MEDIUM POC This Month

A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12962 MEDIUM POC This Month

A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12961 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12960 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-12959 MEDIUM POC This Month

A vulnerability classified as critical was found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-12958 MEDIUM POC This Month

A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-12946 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0.php. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Attendance Tracking Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12945 MEDIUM POC This Month

A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Car Rental System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12944 MEDIUM POC This Month

A vulnerability was found in CodeAstro House Rental Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP House Rental Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12943 MEDIUM POC This Month

A vulnerability was found in CodeAstro House Rental Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP House Rental Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12942 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-12940 MEDIUM POC This Month

A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Attendance Tracking Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-12956 MEDIUM POC This Month

A vulnerability was found in 1000 Projects Portfolio Management System MCA 1.0 and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-12954 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-12953 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-12951 MEDIUM POC This Month

A vulnerability classified as critical has been found in 1000 Projects Portfolio Management System MCA 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP File Upload Portfolio Management System Mca
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.7%
CVE-2024-12947 MEDIUM POC This Month

A vulnerability was found in Codezips Hospital Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Hospital Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-12941 MEDIUM POC This Month

A vulnerability was found in CodeAstro Blood Donor Management System 1.0 and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Blood Donor Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-12939 MEDIUM POC This Month

A vulnerability was found in code-projects Job Recruitment 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Job Recruitment
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.4%
CVE-2024-12938 MEDIUM POC This Month

A vulnerability has been found in code-projects Simple Admin Panel 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Admin Panel
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-12652 CRITICAL Act Now

A Improper Control of Generation of Code ('Code Injection') vulnerability in groovy script function in SmartRobot′s Conversational AI Platform before v7.2.0 allows remote authenticated users to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Smartrobot
NVD
CVSS 4.0
9.3
EPSS
0.7%
CVE-2024-11223 MEDIUM POC This Month

The WPForms WordPress plugin before 1.9.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wpforms
NVD WPScan
CVSS 3.1
4.7
EPSS
0.5%
CVE-2024-10903 MEDIUM POC This Month

The Broken Link Checker WordPress plugin before 2.4.2 does not validate a the link URLs before making a request to them, which could allow admin users to perform SSRF attack, for example on a. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF WordPress Broken Link Checker
NVD WPScan
CVSS 3.1
4.7
EPSS
0.3%
CVE-2024-55950 HIGH This Week

Tabby (formerly Terminus) is a highly configurable terminal emulator. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple
NVD GitHub
CVSS 4.0
8.6
EPSS
0.3%
CVE-2024-53850 HIGH This Week

The Addressing GLPI plugin enables you to create IP reports for visualize IP addresses used and free on a given network.. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
8.2
EPSS
0.5%
CVE-2023-7300 HIGH This Week

Huawei Home Music System has a path traversal vulnerability. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. No vendor patch available.

Huawei Path Traversal
NVD
CVSS 3.1
8.0
EPSS
0.0%
CVE-2024-47151 HIGH This Week

Some Honor products are affected by file writing vulnerability, successful exploitation could cause code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Magicos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2024-45600 HIGH This Week

Fields is a GLPI plugin that allows users to add custom fields on GLPI items forms. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi
NVD GitHub
CVSS 3.1
7.7
EPSS
0.5%
CVE-2024-12955 MEDIUM POC This Month

A vulnerability has been found in PHPGurukul Blood Bank & Donor Management System 2.4 and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP CSRF Blood Bank Donor Management System
NVD VulDB Exploit-DB
CVSS 4.0
6.9
EPSS
0.8%
CVE-2024-51540 MEDIUM This Month

Dell ECS, versions prior to 3.8.1.3 contains an arithmetic overflow vulnerability exists in retention period handling of ECS. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Dell Elastic Cloud Storage
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2024-47150 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-47149 MEDIUM This Month

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-8994 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-8993 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-8992 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-47157 MEDIUM This Month

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Magicos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-47155 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-47154 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-47153 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-47148 MEDIUM This Month

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Magicos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-47156 MEDIUM This Month

Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Magicos
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-56361 MEDIUM PATCH This Month

LGSL (Live Game Server List) provides online status for games. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS
NVD GitHub
CVSS 4.0
5.3
EPSS
0.4%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy