Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-29 | CVE-2024-44777 | Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 9.6 |
| 2024-08-29 | CVE-2024-44778 | Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 9.6 |
| 2024-08-29 | CVE-2024-44779 | Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 9.6 |
| 2024-08-29 | CVE-2024-43965 | SQL Injection vulnerability in Smackcoders Sendgrid Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress: from n/a through 1.4. | 9.8 |
| 2024-08-29 | CVE-2024-8255 | Deserialization of Untrusted Data vulnerability in Deltaww DTN Soft Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability. | 9.8 |
| 2024-08-29 | CVE-2024-38795 | SQL Injection vulnerability in Cridio Listingpro Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro allows SQL Injection.This issue affects ListingPro: from n/a through 2.9.4. | 9.8 |
| 2024-08-29 | CVE-2024-39622 | SQL Injection vulnerability in Cridio Listingpro Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro.This issue affects ListingPro: from n/a through 2.9.4. | 9.8 |
| 2024-08-29 | CVE-2024-39653 | SQL Injection vulnerability in E4Jconnect Vikrentcar Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. | 9.8 |
| 2024-08-29 | CVE-2024-43132 | SQL Injection vulnerability in Wpwebelite Docket Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) allows SQL Injection.This issue affects Docket (WooCommerce Collections / Wishlist / Watchlist): from n/a before 1.7.0. | 9.8 |
| 2024-08-29 | CVE-2024-43144 | SQL Injection vulnerability in Stylemixthemes Cost Calculator Builder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Cost Calculator Builder allows SQL Injection.This issue affects Cost Calculator Builder: from n/a through 3.2.15. | 9.8 |