Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-51136 XXE vulnerability in Openimaj 1.3.10
An XML External Entity (XXE) vulnerability in Dmoz2CSV in openimaj v1.3.10 allows attackers to access sensitive information or execute arbitrary code via supplying a crafted XML file.
network
low complexity
openimaj CWE-611
critical
9.8
2024-11-04 CVE-2024-10764 Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Institute Management System 1.0
A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0.
network
low complexity
codezips CWE-434
critical
9.8
2024-11-04 CVE-2024-10765 Unrestricted Upload of File with Dangerous Type vulnerability in Codezips Online Institute Management System 1.0
A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0.
network
low complexity
codezips CWE-434
critical
9.8
2024-11-04 CVE-2024-50523 Unrestricted Upload of File with Dangerous Type vulnerability in Rainbow-Link ALL Post Contact Form
Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc.
network
low complexity
rainbow-link CWE-434
critical
9.8
2024-11-04 CVE-2024-50525 Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint
Unrestricted Upload of File with Dangerous Type vulnerability in Helloprint Plug your WooCommerce into the largest catalog of customized print products from Helloprint allows Upload a Web Shell to a Web Server.This issue affects Plug your WooCommerce into the largest catalog of customized print products from Helloprint: from n/a through 2.0.2.
network
low complexity
helloprint CWE-434
critical
9.8
2024-11-04 CVE-2024-50526 Unrestricted Upload of File with Dangerous Type vulnerability in Lindeni Multi Purpose Mail Form
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through 1.0.2.
network
low complexity
lindeni CWE-434
critical
9.8
2024-11-04 CVE-2024-50527 Unrestricted Upload of File with Dangerous Type vulnerability in Stacksmarket Stacks Mobile APP Builder
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3.
network
low complexity
stacksmarket CWE-434
critical
9.8
2024-11-04 CVE-2024-50531 Unrestricted Upload of File with Dangerous Type vulnerability in Carrcommunications Rsvpmaker
Unrestricted Upload of File with Dangerous Type vulnerability in David F.
network
low complexity
carrcommunications CWE-434
critical
9.8
2024-11-04 CVE-2024-51558 Improper Restriction of Excessive Authentication Attempts vulnerability in 63Moons Aero and Wave 2.0
This vulnerability exists in the Wave 2.0 due to missing restrictions for excessive failed authentication attempts on its API based login.
network
low complexity
63moons CWE-307
critical
9.8
2024-11-04 CVE-2024-10035 Code Injection vulnerability in Bg-Tek Coslat
Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics Security Technologies CoslatV3 allows Command Injection.This issue affects CoslatV3: through 3.1069.
network
low complexity
bg-tek CWE-94
critical
9.8