Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-50525 Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint
Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint allows Upload a Web Shell to a Web Server.This issue affects Plug your WooCommerce into the largest catalog of customized print products from Helloprint: from n/a through 2.0.2.
network
low complexity
helloprint CWE-434
critical
9.8
2024-11-04 CVE-2024-50526 Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Multi Purpose Mail Form
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through 1.0.2.
network
low complexity
lindeni CWE-434
critical
9.8
2024-11-04 CVE-2024-50527 Unrestricted Upload of File with Dangerous Type vulnerability in Stacksmarket Stacks Mobile APP Builder
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3.
network
low complexity
stacksmarket CWE-434
critical
9.8
2024-11-04 CVE-2024-50531 Unrestricted Upload of File with Dangerous Type vulnerability in Carrcommunications Rsvpmaker
Unrestricted Upload of File with Dangerous Type vulnerability in David F.
network
low complexity
carrcommunications CWE-434
critical
9.8
2024-11-04 CVE-2024-51558 Improper Restriction of Excessive Authentication Attempts vulnerability in 63Moons Aero and Wave 2.0
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login.
network
low complexity
63moons CWE-307
critical
9.8
2024-11-04 CVE-2024-10035 Code Injection vulnerability in Bg-Tek Coslat
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069.
network
low complexity
bg-tek CWE-94
critical
9.8
2024-11-04 CVE-2024-38408 Unspecified vulnerability in Qualcomm products
Cryptographic issue when a controller receives an LMP start encryption command under unexpected conditions.
network
low complexity
qualcomm
critical
9.1
2024-11-04 CVE-2024-10758 SQL Injection vulnerability in multiple products
A vulnerability, which was classified as critical, was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0.
network
low complexity
code-projects anirbandutta9 CWE-89
critical
9.8
2024-11-04 CVE-2024-10751 SQL Injection vulnerability in Codezips ISP Management System 1.0
A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical.
network
low complexity
codezips CWE-89
critical
9.8
2024-11-04 CVE-2024-10752 SQL Injection vulnerability in Codezips PET Shop Management System 1.0
A vulnerability was found in Codezips Pet Shop Management System 1.0.
network
low complexity
codezips CWE-89
critical
9.8