Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-15	CVE-2024-9925	SQL Injection vulnerability in Taismartfactory Qplant SF 1.0 SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. network low complexity taismartfactory CWE-89 critical	9.8
2024-10-15	CVE-2024-9984	Missing Authentication for Critical Function vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie. network low complexity ragic CWE-306 critical	9.8
2024-10-15	CVE-2024-9985	Unrestricted Upload of File with Dangerous Type vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. network low complexity ragic CWE-434 critical	9.8
2024-10-15	CVE-2024-9982	AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. network low complexity CWE-89 critical	9.8
2024-10-14	CVE-2024-48251	SQL Injection vulnerability in Wavelog 1.8.5 Wavelog 1.8.5 allows Activated_gridmap_model.php get_band_confirmed SQL injection via band, sat, propagation, or mode. network low complexity wavelog CWE-89 critical	9.8
2024-10-14	CVE-2024-48257	SQL Injection vulnerability in Wavelog 1.8.5 Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin. network low complexity wavelog CWE-89 critical	9.8
2024-10-14	CVE-2024-48253	SQL Injection vulnerability in Magicbug Cloudlog 2.6.15 Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection. network low complexity magicbug CWE-89 critical	9.8
2024-10-14	CVE-2024-48255	SQL Injection vulnerability in Magicbug Cloudlog 2.6.15 Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection. network low complexity magicbug CWE-89 critical	9.8
2024-10-14	CVE-2024-9924	The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. network low complexity critical	9.8
2024-10-14	CVE-2024-9921	SQL Injection vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database contents. network low complexity teamplus CWE-89 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical