Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-12-23 CVE-2024-12898 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-12-23 CVE-2024-12899 SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0.
network
low complexity
1000projects CWE-89
critical
 9.8
9.8
2024-12-22 CVE-2024-12895 SQL Injection vulnerability in Treasurehuntgame Treasurehunt
A vulnerability has been found in TreasureHuntGame TreasureHunt up to 963e0e0 and classified as critical.
network
low complexity
treasurehuntgame CWE-89
critical
 9.8
9.8
2024-12-22 CVE-2024-12894 SQL Injection vulnerability in Treasurehuntgame Treasurehunt
A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up to 963e0e0.
network
low complexity
treasurehuntgame CWE-89
critical
 9.8
9.8
2024-12-21 CVE-2024-12884 SQL Injection vulnerability in Codezips E-Commerce Site 1.0
A vulnerability was found in Codezips E-Commerce Website 1.0.
network
low complexity
codezips CWE-89
critical
 9.8
9.8
2024-12-21 CVE-2024-11349 The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.1.6.
network
low complexity
CWE-288
critical
 9.8
9.8
2024-12-20 CVE-2024-51466 IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an Expression Language (EL) Injection vulnerability.
network
high complexity
CWE-917
critical
 9.0
9.0
2024-12-20 CVE-2024-12571 The Store Locator for WordPress with Google Maps – LotsOfLocales plugin for WordPress is vulnerable to Local File Inclusion in version 3.98.9 via the 'sl_engine' parameter.
network
low complexity
CWE-98
critical
 9.8
9.8
2024-12-20 CVE-2022-32203 Command Injection vulnerability in Huawei Cv81-Wdm Firmware 01.70.49.29.46
There is a command injection vulnerability in Huawei terminal printer product.
network
low complexity
huawei CWE-77
critical
 9.8
9.8
2024-12-19 CVE-2024-12791 SQL Injection vulnerability in Codezips E-Commerce Site 1.0
A vulnerability was found in Codezips E-Commerce Site 1.0.
network
low complexity
codezips CWE-89
critical
 9.8
9.8