Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-49388 Authorization Bypass Through User-Controlled Key vulnerability in Acronis Cyber Protect 16
Sensitive information manipulation due to improper authorization.
Attack vector: network; complexity: low; vendor: acronis; weakness: CWE-639; risk: critical 9.1

2024-10-15 CVE-2024-9975 Unrestricted Upload of File with Dangerous Type vulnerability in Rems Drag and Drop Image Upload 1.0
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0.
Attack vector: network; complexity: low; vendor: rems; weakness: CWE-434; risk: 8.8

2024-10-15 CVE-2024-9976 SQL Injection vulnerability in Code-Projects Pharmacy Management System 1.0
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0.
Attack vector: network; complexity: low; vendor: code-projects; weakness: CWE-89; risk: critical 9.8

2024-10-15 CVE-2024-47945 Insufficient Entropy vulnerability in Rittal products
The devices are vulnerable to session hijacking due to insufficient entropy in their session ID generation algorithm.
Attack vector: network; complexity: low; vendor: rittal; weakness: CWE-331; risk: critical 9.8

2024-10-15 CVE-2024-9973 SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0.
Attack vector: network; complexity: low; vendor: oretnom23; weakness: CWE-89; risk: critical 9.8

2024-10-15 CVE-2024-9974 SQL Injection vulnerability in Oretnom23 Online Eyewear Shop 1.0
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0.
Attack vector: network; complexity: low; vendor: oretnom23; weakness: CWE-89; risk: critical 9.8

2024-10-15 CVE-2024-9895 Cross-site Scripting vulnerability in Zaytech Smart Online Order for Clover
The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's moo_receipt_link shortcode in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping on user supplied attributes.
Attack vector: network; complexity: low; vendor: zaytech; weakness: CWE-79; risk: 5.4

2024-10-15 CVE-2024-9925 SQL Injection vulnerability in Taismartfactory Qplant SF 1.0
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0.
Attack vector: network; complexity: low; vendor: taismartfactory; weakness: CWE-89; risk: critical 9.8

2024-10-15 CVE-2024-9983 Path Traversal vulnerability in Ragic Enterprise Cloud Database
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
Attack vector: network; complexity: low; vendor: ragic; weakness: CWE-22; risk: 7.5

2024-10-15 CVE-2024-9984 Missing Authentication for Critical Function vulnerability in Ragic Enterprise Cloud Database
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
Attack vector: network; complexity: low; vendor: ragic; weakness: CWE-306; risk: critical 9.8