Skip to main content
CVE-2024-50717 CRITICAL POC Act Now

SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the client parameter in the /recuperaLog.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP RCE Smart Agent
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-50716 CRITICAL POC Act Now

SQL injection vulnerability in Smart Agent v.1.1.0 allows a remote attacker to execute arbitrary code via the id parameter in the /sendPushManually.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP RCE Smart Agent
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-50713 CRITICAL POC Act Now

SmartAgent v1.1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tests/interface.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Smart Agent
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-50944 CRITICAL Act Now

Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2024-56521 CRITICAL PATCH Act Now

An issue was discovered in TCPDF before 6.8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Tcpdf
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-54450 CRITICAL Act Now

An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
9.4
EPSS
0.5%
CVE-2024-56732 CRITICAL Act Now

HarfBuzz is a text shaping engine. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Harfbuzz
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy