Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-09-08 CVE-2024-6924 SQL Injection vulnerability in Themetechmount Truebooker
The TrueBooker WordPress plugin before 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
network
low complexity
themetechmount CWE-89
critical
9.8
2024-09-08 CVE-2024-6928 SQL Injection vulnerability in Opti.Marketing Opti Marketing
The Opti Marketing WordPress plugin through 2.0.9 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.
network
low complexity
opti-marketing CWE-89
critical
9.8
2024-09-08 CVE-2024-8569 SQL Injection vulnerability in Fabianros Hospital Management System 1.0
A vulnerability has been found in code-projects Hospital Management System 1.0 and classified as critical.
network
low complexity
fabianros CWE-89
critical
9.8
2024-09-08 CVE-2024-8568 SQL Injection vulnerability in Project Team Tmall Demo
A vulnerability, which was classified as critical, was found in Mini-Tmall up to 20240901.
network
low complexity
project-team CWE-89
critical
9.8
2024-09-08 CVE-2024-8567 SQL Injection vulnerability in Payroll Management System Project Payroll Management System 1.0
A vulnerability, which was classified as critical, has been found in itsourcecode Payroll Management System 1.0.
network
low complexity
payroll-management-system-project CWE-89
critical
9.8
2024-09-07 CVE-2024-8565 SQL Injection vulnerability in Oretnom23 Clinic's Patient Management System 2.0
A vulnerability was found in SourceCodesters Clinics Patient Management System 2.0.
network
low complexity
oretnom23 CWE-89
critical
9.8
2024-09-07 CVE-2024-8561 SQL Injection vulnerability in Rems PHP Crud 1.0
A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical.
network
low complexity
rems CWE-89
critical
9.8
2024-09-07 CVE-2024-40711 Deserialization of Untrusted Data vulnerability in Veeam Backup & Replication 12.0.0.1420
A deserialization of untrusted data vulnerability can allow unauthenticated remote code execution (RCE) via a malicious payload.
network
low complexity
veeam CWE-502
critical
9.8
2024-09-06 CVE-2024-44401 Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via the sub47A60C function in the upgrade_filter.asp file.
network
low complexity
dlink CWE-77
critical
9.8
2024-09-06 CVE-2024-44402 Command Injection vulnerability in Dlink Di-8100G Firmware 17.12.20A1
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
network
low complexity
dlink CWE-77
critical
9.8