Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-20	CVE-2024-42568	SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php. network low complexity arajajyothibabu CWE-89 critical	9.8
2024-08-20	CVE-2024-42570	SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at admininsert.php. network low complexity arajajyothibabu CWE-89 critical	9.8
2024-08-20	CVE-2024-42572	SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php. network low complexity arajajyothibabu CWE-89 critical	9.8
2024-08-20	CVE-2024-42573	SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php. network low complexity arajajyothibabu CWE-89 critical	9.8
2024-08-20	CVE-2024-42574	SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php. network low complexity arajajyothibabu CWE-89 critical	9.8
2024-08-20	CVE-2024-42575	SQL Injection vulnerability in Arajajyothibabu School Management System School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php. network low complexity arajajyothibabu CWE-89 critical	9.8
2024-08-20	CVE-2024-7777	Path Traversal vulnerability in Bitapps Contact Form Builder The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in multiple functions in versions 2.0 to 2.13.9. network low complexity bitapps CWE-22 critical	9.0
2024-08-20	CVE-2024-5932	Deserialization of Untrusted Data vulnerability in Givewp The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'give_title' parameter. network low complexity givewp CWE-502 critical	9.8
2024-08-20	CVE-2024-7946	SQL Injection vulnerability in Adonesevangelista Online Blood Bank Management System 1.0 A vulnerability was found in itsourcecode Online Blood Bank Management System 1.0. network low complexity adonesevangelista CWE-89 critical	9.8
2024-08-20	CVE-2024-7947	SQL Injection vulnerability in Janobe Point of Sales and Inventory Management System 1.0 A vulnerability classified as critical has been found in SourceCodester Point of Sales and Inventory Management System 1.0. network low complexity janobe CWE-89 critical	9.8

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical