Skip to main content

Webopac

8 CVEs product

Monthly

CVE-2024-11021 MEDIUM This Month

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Webopac
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-11020 CRITICAL Act Now

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webopac
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2024-11019 MEDIUM This Month

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webopac
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-11018 CRITICAL Act Now

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Webopac
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-11017 HIGH This Week

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webopac
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-11016 CRITICAL Act Now

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webopac
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2021-42839 HIGH This Week

Grand Vice info Co. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webopac
NVD
CVSS 3.1
8.8
EPSS
2.4%
CVE-2021-42838 MEDIUM This Month

Grand Vice info Co. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webopac
NVD
CVSS 3.1
6.1
EPSS
0.6%
EPSS 0% CVSS 5.4
MEDIUM This Month

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Webopac
NVD
EPSS 0% CVSS 9.8
CRITICAL Act Now

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webopac
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webopac
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE File Upload Webopac
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webopac
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webopac
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Grand Vice info Co. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE File Upload Webopac
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

Grand Vice info Co. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Webopac
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy