Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-09 | CVE-2023-46350 | SQL Injection vulnerability in Innovadeluxe Manufacturer or Supplier Alphabetical Search 2.0.4 SQL injection vulnerability in InnovaDeluxe "Manufacturer or supplier alphabetical search" (idxrmanufacturer) module for PrestaShop versions 2.0.4 and before, allows remote attackers to escalate privileges and obtain sensitive information via the methods IdxrmanufacturerFunctions::getCornersLink, IdxrmanufacturerFunctions::getManufacturersLike and IdxrmanufacturerFunctions::getSuppliersLike. | 9.8 |
| 2024-02-09 | CVE-2023-50026 | SQL Injection vulnerability in Prestamonster Multi Accessories PRO 5.2.0 SQL injection vulnerability in Presta Monster "Multi Accessories Pro" (hsmultiaccessoriespro) module for PrestaShop versions 5.1.1 and before, allows remote attackers to escalate privileges and obtain sensitive information via the method HsAccessoriesGroupProductAbstract::getAccessoriesByIdProducts(). | 9.8 |
| 2024-02-09 | CVE-2024-24308 | SQL Injection vulnerability in Boostmyshop 1.1.9 SQL Injection vulnerability in Boostmyshop (boostmyshopagent) module for Prestashop versions 1.1.9 and before, allows remote attackers to escalate privileges and obtain sensitive information via changeOrderCarrier.php, relayPoint.php, and shippingConfirmation.php. | 9.8 |
| 2024-02-09 | CVE-2023-43609 | Unspecified vulnerability in Emerson products In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could obtain access to sensitive information or cause a denial-of-service condition. | 9.1 |
| 2024-02-09 | CVE-2023-46687 | Command Injection vulnerability in Emerson products In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with network access could execute arbitrary commands in root context from a remote computer. | 9.8 |
| 2024-02-09 | CVE-2023-49716 | Command Injection vulnerability in Emerson products In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network access could run arbitrary commands from a remote computer. | 9.8 |
| 2024-02-09 | CVE-2024-1353 | Deserialization of Untrusted Data vulnerability in PHPems 1.0 A vulnerability, which was classified as critical, has been found in PHPEMS up to 1.0. | 9.8 |
| 2024-02-08 | CVE-2023-47132 | Unspecified vulnerability in N-Able N-Central 2023.4/2023.6 An issue discovered in N-able N-central before 2023.6 and earlier allows attackers to gain escalated privileges via API calls. | 9.8 |
| 2024-02-08 | CVE-2023-40266 | Path Traversal vulnerability in Mitel Unify Openscape Xpressions Webassistant An issue was discovered in Atos Unify OpenScape Xpressions WebAssistant V7 before V7R1 FR5 HF42 P911. | 9.8 |
| 2024-02-08 | CVE-2024-24393 | Unrestricted Upload of File with Dangerous Type vulnerability in Oaooa Pichome 1.1.01 File Upload vulnerability index.php in Pichome v.1.1.01 allows a remote attacker to execute arbitrary code via crafted POST request. | 9.8 |