Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-31 | CVE-2024-7282 | SQL Injection vulnerability in Oretnom23 LOT Reservation Management System 1.0 A vulnerability classified as critical was found in SourceCodester Lot Reservation Management System 1.0. | 9.8 |
| 2024-07-31 | CVE-2024-6255 | Unspecified vulnerability in Gaizhenbiao Chuanhuchatgpt 20240410 A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including critical configuration files such as `config.json` and `ds_config_chatbot.json`. | 9.1 |
| 2024-07-31 | CVE-2024-7279 | SQL Injection vulnerability in Oretnom23 LOT Reservation Management System 1.0 A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. | 9.8 |
| 2024-07-31 | CVE-2024-7280 | SQL Injection vulnerability in Oretnom23 LOT Reservation Management System 1.0 A vulnerability was found in SourceCodester Lot Reservation Management System 1.0. | 9.8 |
| 2024-07-30 | CVE-2024-38983 | Unspecified vulnerability in Alykoshin Mini-Deep-Assign 0.0.8 Prototype Pollution in alykoshin mini-deep-assign v0.0.8 allows an attacker to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via the _assign() method at (/lib/index.js:91) | 9.8 |
| 2024-07-30 | CVE-2024-7273 | Unspecified vulnerability in Adonesevangelista Restaurant Management System 1.0 A vulnerability classified as critical was found in itsourcecode Alton Management System 1.0. | 9.8 |
| 2024-07-30 | CVE-2024-36572 | Unspecified vulnerability in Allpro Formmanager Data Handler 0.7.4 Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue. | 9.8 |
| 2024-07-30 | CVE-2024-38984 | Unspecified vulnerability in Lukebond Json-Override 0.2.0 Prototype Pollution in lukebond json-override 0.2.0 allows attackers to to execute arbitrary code or cause a Denial of Service (DoS) via the __proto__ property. | 9.8 |
| 2024-07-30 | CVE-2024-38986 | Unspecified vulnerability in 75Lb Deep-Merge 1.1.1 Prototype Pollution in 75lb deep-merge 1.1.1 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) and cause other impacts via merge methods of lodash to merge objects. | 9.8 |
| 2024-07-30 | CVE-2024-39010 | Unspecified vulnerability in Chasemoskal Snapstate 0.0.9 chase-moskal snapstate v0.0.9 was discovered to contain a prototype pollution via the function attemptNestedProperty. | 9.8 |