Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-20 | CVE-2024-6190 | Unspecified vulnerability in Angeljudesuarez Farm Management System 1.0 A vulnerability was found in itsourcecode Farm Management System 1.0. | 9.8 |
| 2024-06-20 | CVE-2024-6191 | Unspecified vulnerability in Angeljudesuarez Student Management System 1.0 A vulnerability classified as critical has been found in itsourcecode Student Management System 1.0. | 9.8 |
| 2024-06-20 | CVE-2024-6192 | Unspecified vulnerability in Angeljudesuarez Loan Management System 1.0 A vulnerability classified as critical was found in itsourcecode Loan Management System 1.0. | 9.8 |
| 2024-06-20 | CVE-2024-6113 | Unspecified vulnerability in Janobe Monbela Tourist INN Online Reservation System 1.0 A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. | 9.8 |
| 2024-06-20 | CVE-2024-3605 | SQL Injection vulnerability in Thimpress WP Hotel Booking The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint in all versions up to, and including, 2.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-06-20 | CVE-2024-5182 | Unspecified vulnerability in Mudler Localai A path traversal vulnerability exists in mudler/localai version 2.14.0, where an attacker can exploit the `model` parameter during the model deletion process to delete arbitrary files. | 9.1 |
| 2024-06-19 | CVE-2024-36678 | SQL Injection vulnerability in Promokit PK Themesettings 1.8.8 In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2024-06-19 | CVE-2024-36684 | SQL Injection vulnerability in Prestashop PK Customlinks In the module "Custom links" (pk_customlinks) <= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2024-06-19 | CVE-2022-45832 | Missing Authorization vulnerability in Hennessey Attorney Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney: from n/a through 3. | 9.8 |
| 2024-06-19 | CVE-2023-36515 | Unspecified vulnerability in Thimpress Learnpress Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3. | 9.8 |