Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-49607 | Unrestricted Upload of File with Dangerous Type vulnerability in Redwanhilali WP Dropbox Dropins Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49610 | Unrestricted Upload of File with Dangerous Type vulnerability in Jackzhu Photokit Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49624 | Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1. | 9.8 |
| 2024-10-20 | CVE-2024-49625 | Deserialization of Untrusted Data vulnerability in Brandonclark Sitebuilder Dynamic Components Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49286 | Path Traversal vulnerability in Moridrin SSV Events Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7. | 9.8 |
| 2024-10-20 | CVE-2024-49328 | Missing Authentication for Critical Function vulnerability in Vivektamrakar WP Rest API FNS Authentication Bypass Using an Alternate Path or Channel vulnerability in Vivek Tamrakar WP REST API FNS allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through 1.0.0. | 9.8 |
| 2024-10-20 | CVE-2024-49604 | Missing Authentication for Critical Function vulnerability in Najeebmedia Simple User Registration Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through 5.5. | 9.8 |
| 2024-10-20 | CVE-2024-49611 | Unrestricted Upload of File with Dangerous Type vulnerability in Paxman Product Website Showcase Unrestricted Upload of File with Dangerous Type vulnerability in Paxman Product Website Showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a through 1.0. | 9.8 |
| 2024-10-20 | CVE-2024-49626 | Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management Deserialization of Untrusted Data vulnerability in Piyushmca Shipyaari Shipping Management allows Object Injection.This issue affects Shipyaari Shipping Management: from n/a through 1.2. | 9.8 |
| 2024-10-20 | CVE-2024-10170 | SQL Injection vulnerability in Fabianros Hospital Management System 1.0 A vulnerability, which was classified as critical, has been found in code-projects Hospital Management System 1.0. | 9.8 |