Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-20 | CVE-2024-6113 | Unspecified vulnerability in Janobe Monbela Tourist INN Online Reservation System 1.0 A vulnerability was found in itsourcecode Monbela Tourist Inn Online Reservation System 1.0. | 9.8 |
| 2024-06-20 | CVE-2024-3605 | SQL Injection vulnerability in Thimpress WP Hotel Booking The WP Hotel Booking plugin for WordPress is vulnerable to SQL Injection via the 'room_type' parameter of the /wphb/v1/rooms/search-rooms REST API endpoint in all versions up to, and including, 2.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-06-20 | CVE-2024-5182 | Unspecified vulnerability in Mudler Localai A path traversal vulnerability exists in mudler/localai version 2.14.0, where an attacker can exploit the `model` parameter during the model deletion process to delete arbitrary files. | 9.1 |
| 2024-06-19 | CVE-2024-36678 | SQL Injection vulnerability in Promokit PK Themesettings 1.8.8 In the module "Theme settings" (pk_themesettings) <= 1.8.8 from Promokit.eu for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2024-06-19 | CVE-2024-36684 | SQL Injection vulnerability in Prestashop PK Customlinks In the module "Custom links" (pk_customlinks) <= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. | 9.8 |
| 2024-06-19 | CVE-2024-36116 | Path Traversal vulnerability in Reposilite Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. | 9.8 |
| 2024-06-19 | CVE-2022-45832 | Missing Authorization vulnerability in Hennessey Attorney Missing Authorization vulnerability in Hennessey Digital Attorney.This issue affects Attorney: from n/a through 3. | 9.8 |
| 2024-06-19 | CVE-2023-36515 | Unspecified vulnerability in Thimpress Learnpress Missing Authorization vulnerability in ThimPress LearnPress.This issue affects LearnPress: from n/a through 4.2.3. | 9.8 |
| 2024-06-19 | CVE-2023-36684 | Unspecified vulnerability in Brainstormforce Convert PRO Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5. | 9.8 |
| 2024-06-19 | CVE-2023-35049 | Unspecified vulnerability in Woocommerce Stripe Payment Gateway Missing Authorization vulnerability in WooCommerce WooCommerce Stripe Payment Gateway.This issue affects WooCommerce Stripe Payment Gateway: from n/a through 7.4.0. | 9.8 |