Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-33961

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33965

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33966

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33967

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33968

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33969

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33970

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33971

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33972

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-33973

    SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the foll... Read more

    • Published: Aug. 06, 2024
    • Modified: Aug. 08, 2024

  • 6.1

    MEDIUM
    CVE-2024-41242

    A Reflected Cross Site Scripting (XSS) vulnerability was found in /smsa/student_login.php in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 7.5

    HIGH
    CVE-2024-41245

    An Incorrect Access Control vulnerability was found in /smsa/view_teachers.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view TEACHER details.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 7.5

    HIGH
    CVE-2024-41244

    An Incorrect Access Control vulnerability was found in /smsa/view_class.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view CLASS details.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-34479

    SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 9.1

    CRITICAL
    CVE-2024-41247

    An Incorrect Access Control vulnerability was found in /smsa/add_class.php and /smsa/add_class_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new class entry.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 7.5

    HIGH
    CVE-2024-41248

    An Incorrect Access Control vulnerability was found in /smsa/add_subject.php and /smsa/add_subject_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to add a new subject entry.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 7.5

    HIGH
    CVE-2024-41249

    An Incorrect Access Control vulnerability was found in /smsa/view_subject.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view SUBJECT details.... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-41252

    An Incorrect Access Control vulnerability was found in /smsa/admin_student_register_approval.php and /smsa/admin_student_register_approval_submit.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to... Read more

    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 8.4

    HIGH
    CVE-2024-41308

    An issue in the Ping feature of IT Solutions Enjay CRM OS v1.0 allows attackers to escape the restricted terminal environment and gain root-level privileges on the underlying system.... Read more

    Affected Products : enjay_crm
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024

  • 5.3

    MEDIUM
    CVE-2024-41432

    An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue allows an attacker to replace their real IP address with any arbitrary IP address, specifically by adding a forged 'X-Forwarded' or 'Client-IP' header to request... Read more

    Affected Products : likeshop
    • Published: Aug. 07, 2024
    • Modified: Aug. 08, 2024
Showing 20 of 291003 Results