Vulnerabilities > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-29	CVE-2024-41364	Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\trackEdit.php network low complexity sourcefabric CWE-94 critical	9.8
2024-08-29	CVE-2024-41366	Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\userScripts.php network low complexity sourcefabric CWE-94 critical	9.8
2024-08-29	CVE-2024-41367	Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\api\playlist\appendFileToPlaylist.php network low complexity sourcefabric CWE-94 critical	9.8
2024-08-29	CVE-2024-41368	Code Injection vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWlanIpMail.php network low complexity sourcefabric CWE-94 critical	9.8
2024-08-29	CVE-2024-41369	Unspecified vulnerability in Sourcefabric Phoniebox 2.7.0 RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via htdocs\inc.setWifi.php network low complexity sourcefabric critical	9.8
2024-08-29	CVE-2024-41370	SQL Injection vulnerability in Organizr 1.90 Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/setlike.php. network low complexity organizr CWE-89 critical	9.8
2024-08-29	CVE-2024-41372	SQL Injection vulnerability in Organizr 1.90 Organizr v1.90 was discovered to contain a SQL injection vulnerability via chat/settyping.php. network low complexity organizr CWE-89 critical	9.8
2024-08-29	CVE-2024-44777	Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. network low complexity vtiger CWE-79 critical	9.6
2024-08-29	CVE-2024-44778	Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the parent parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. network low complexity vtiger CWE-79 critical	9.6
2024-08-29	CVE-2024-44779	Cross-site Scripting vulnerability in Vtiger CRM 7.4.0 A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. network low complexity vtiger CWE-79 critical	9.6

Vulnerabilities > Critical {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Critical"}]}

Vulnerabilities > Critical