Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-12-26 CVE-2024-12938 SQL Injection vulnerability in Code-Projects Simple Admin Panel 1.0
A vulnerability has been found in code-projects Simple Admin Panel 1.0 and classified as critical.
network
low complexity
code-projects CWE-89
critical
 9.1
9.1
2024-12-26 CVE-2024-12935 SQL Injection vulnerability in Code-Projects Simple Admin Panel 1.0
A vulnerability classified as critical was found in code-projects Simple Admin Panel 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2024-12-26 CVE-2024-12936 SQL Injection vulnerability in Code-Projects Simple Admin Panel 1.0
A vulnerability, which was classified as critical, has been found in code-projects Simple Admin Panel 1.0.
network
low complexity
code-projects CWE-89
critical
 9.8
9.8
2024-12-25 CVE-2024-12927 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability, which was classified as critical, has been found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-12-25 CVE-2024-39727 Unspecified vulnerability in IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2/7.0.3
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 uses a web link with untrusted references to an external site.
network
low complexity
ibm
critical
 9.8
9.8
2024-12-25 CVE-2024-8950 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arne Informatics Piramit Automation allows Blind SQL Injection.This issue affects Piramit Automation: before 27.09.2024.
network
low complexity
CWE-89
critical
 9.9
9.9
2024-12-25 CVE-2024-52046 Deserialization of Untrusted Data vulnerability in Apache Mina
The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses.
network
low complexity
apache CWE-502
critical
 9.8
9.8
2024-12-25 CVE-2024-11281 The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0.
network
low complexity
CWE-862
critical
 9.8
9.8
2024-12-23 CVE-2024-12898 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-12-23 CVE-2024-12899 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8