Latest CVE Feed
-
9.8
CRITICALCVE-2023-7116
A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument... Read more
Affected Products : datax-web- Published: Dec. 27, 2023
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-0355
A vulnerability, which was classified as critical, was found in PHPGurukul Dairy Farm Shop Management System up to 1.1. Affected is an unknown function of the file add-category.php. The manipulation of the argument category leads to sql injection. The exp... Read more
Affected Products : dairy_farm_shop_management_system- Published: Jan. 10, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-0603
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate the at... Read more
Affected Products : zhicms- Published: Jan. 16, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-0733
A vulnerability was found in Smsot up to 2.12. It has been classified as critical. Affected is an unknown function of the file /api.php of the component HTTP POST Request Handler. The manipulation of the argument data[sign] leads to sql injection. It is p... Read more
Affected Products : smsot- Published: Jan. 19, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-0338
A buffer overflow vulnerability has been found in XAMPP affecting version 8.2.4 and earlier. An attacker could execute arbitrary code through a long file debug argument that controls the Structured Exception Handler (SEH).... Read more
Affected Products : xampp- Published: Feb. 02, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-24188
Jsish v3.5.0 was discovered to contain a heap-buffer-overflow in ./src/jsiUtils.c.... Read more
Affected Products : jsish- Published: Feb. 07, 2024
- Modified: Jun. 09, 2025
-
9.8
CRITICALCVE-2023-38995
An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command.... Read more
Affected Products : schuhfried- Published: Feb. 07, 2024
- Modified: May. 15, 2025
-
9.8
CRITICALCVE-2023-5779
can: out of bounds in remove_rx_filter function... Read more
Affected Products : zephyr- Published: Feb. 18, 2024
- Modified: Jan. 22, 2025
-
9.8
CRITICALCVE-2024-25802
SKINsoft S-Museum 7.02.3 allows Unrestricted File Upload via the Add Media function. Unlike in CVE-2024-25801, the attack payload is the file content.... Read more
Affected Products : s-museum- Published: Feb. 22, 2024
- Modified: Feb. 14, 2025
-
9.8
CRITICALCVE-2023-7103
Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows Authentication Bypass.This issue affects UFace 5: through 12022024. ... Read more
Affected Products : uface_5- Published: Mar. 05, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-2406
A vulnerability, which was classified as critical, was found in Gacjie Server up to 1.0. This affects the function index of the file /app/admin/controller/Upload.php. The manipulation of the argument file leads to unrestricted upload. It is possible to in... Read more
Affected Products : gacjie_server- Published: Mar. 12, 2024
- Modified: Jan. 22, 2025
-
9.8
CRITICALCVE-2024-2051
CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that could cause account takeover and unauthorized access to the system when an attacker conducts brute-force attacks against the login form. ... Read more
Affected Products :- Published: Mar. 18, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-3439
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to sql injection. It is possible to launch the attack remo... Read more
- Published: Apr. 08, 2024
- Modified: Feb. 10, 2025
-
9.8
CRITICALCVE-2024-5377
A vulnerability was found in SourceCodester Vehicle Management System 1.0. It has been classified as critical. This affects an unknown part of the file /newvehicle.php. The manipulation of the argument file leads to unrestricted upload. It is possible to ... Read more
- Published: May. 26, 2024
- Modified: Feb. 10, 2025
-
9.8
CRITICALCVE-2024-5515
A vulnerability was found in SourceCodester Stock Management System 1.0. It has been classified as critical. Affected is an unknown function of the file createBrand.php. The manipulation of the argument brandName leads to sql injection. It is possible to ... Read more
- Published: May. 30, 2024
- Modified: Feb. 10, 2025
-
9.8
CRITICALCVE-2024-39374
TELSAT marKoni FM Transmitters are vulnerable to an attacker exploiting a hidden admin account that can be accessed through the use of hard-coded credentials.... Read more
- Published: Jun. 27, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICAL- Published: Jul. 16, 2024
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2024-42843
Projectworlds Online Examination System v1.0 is vulnerable to SQL Injection via the subject parameter in feed.php.... Read more
Affected Products : online_examination_system- Published: Aug. 15, 2024
- Modified: Aug. 19, 2024
-
9.8
CRITICALCVE-2024-7919
A vulnerability, which was classified as critical, has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. This issue affects some unknown processing of the file /report/ParkChargeRecord/GetDataList. The manipulati... Read more
Affected Products : jielink\+_jsotc2016- Published: Aug. 19, 2024
- Modified: Aug. 21, 2024
-
9.8
CRITICALCVE-2024-42559
An issue in the login component (process_login.php) of Hotel Management System commit 79d688 allows attackers to authenticate without providing a valid password.... Read more
Affected Products :- Published: Aug. 20, 2024
- Modified: Aug. 20, 2024