Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2024-12792 | SQL Injection vulnerability in Codezips E-Commerce Site 1.0 A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. | 9.8 |
| 2024-12-19 | CVE-2024-12794 | SQL Injection vulnerability in Codezips E-Commerce Site 1.0 A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. | 9.8 |
| 2024-12-19 | CVE-2024-12788 | SQL Injection vulnerability in Codezips Technical Discussion Forum 1.0 A vulnerability was found in Codezips Technical Discussion Forum 1.0 and classified as critical. | 9.8 |
| 2024-12-19 | CVE-2024-12789 | Code Injection vulnerability in Pbootcms A vulnerability was found in PbootCMS up to 3.2.3. | 9.8 |
| 2024-12-19 | CVE-2024-12787 | SQL Injection vulnerability in 1000Projects Attendance Tracking Management System 1.0 A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. | 9.8 |
| 2024-12-19 | CVE-2021-26102 | Path Traversal vulnerability in Fortinet Fortiwan A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all versions may allow a remote non-authenticated attacker to delete files on the system by sending a crafted POST request. | 9.1 |
| 2024-12-19 | CVE-2024-10244 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ISDO Software Web Software allows SQL Injection.This issue affects Web Software: before 3.6. | 9.8 |
| 2024-12-19 | CVE-2024-12784 | SQL Injection vulnerability in Adrianmercurio Vehicle Management System 1.0 A vulnerability was found in itsourcecode Vehicle Management System 1.0. | 9.8 |
| 2024-12-19 | CVE-2021-32589 | Unspecified vulnerability in Fortinet Fortianalyzer, Fortimanager and Fortiportal A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12 and below and FortiAnalyzer version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.3.11, version 5.2.10 to 5.2.4 fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending a specifically crafted request to the fgfm port of the targeted device. | 9.8 |
| 2024-12-19 | CVE-2024-12626 | The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘a-0-o-search_field_value’ parameter in all versions up to, and including, 5.0.9 due to insufficient input sanitization and output escaping. | 9.6 |