Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2024-10845 | SQL Injection vulnerability in Bookstore Management System Project Bookstore Management System 1.0 A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. | 9.8 |
| 2024-11-05 | CVE-2024-10687 | SQL Injection vulnerability in Contest-Gallery Contest Gallery The Photos, Files, YouTube, Twitter, Instagram, TikTok, Ecommerce Contest Gallery – Upload, Vote, Sell via PayPal, Social Share Buttons plugin for WordPress is vulnerable to time-based SQL Injection via the $collectedIds parameter in all versions up to, and including, 24.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. | 9.8 |
| 2024-11-04 | CVE-2024-10791 | SQL Injection vulnerability in Codezips Hospital Appointment System 1.0 A vulnerability, which was classified as critical, has been found in Codezips Hospital Appointment System 1.0. | 9.8 |
| 2024-11-04 | CVE-2024-10766 | Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Free Exam Hall Seating Management System 1.0 A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. | 9.8 |
| 2024-11-04 | CVE-2024-51327 | SQL Injection vulnerability in Projectworlds Travel Management System 1.0 SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields. | 9.8 |
| 2024-11-04 | CVE-2024-51136 | XXE vulnerability in Openimaj 1.3.10 An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file. | 9.8 |
| 2024-11-04 | CVE-2024-10764 | Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Institute Management System 1.0 A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. | 9.8 |
| 2024-11-04 | CVE-2024-10765 | Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Institute Management System 1.0 A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. | 9.8 |
| 2024-11-04 | CVE-2024-50523 | Unrestricted Upload of File with Dangerous Type vulnerability in Rainbow-Link ALL Post Contact Form Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. | 9.8 |
| 2024-11-04 | CVE-2024-50525 | Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint allows Upload a Web Shell to a Web Server.This issue affects Plug your WooCommerce into the largest catalog of customized print products from Helloprint: from n/a through 2.0.2. | 9.8 |