Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-10-20 CVE-2024-49326 Unrestricted Upload of File with Dangerous Type vulnerability in Vasiliskerasiotis Affiliator
Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3.
network
low complexity
vasiliskerasiotis CWE-434
critical
9.8
2024-10-20 CVE-2024-49327 Unrestricted Upload of File with Dangerous Type vulnerability in Asepbagjapriandana Woostagram Connect
Unrestricted Upload of File with Dangerous Type vulnerability in Asep Bagja Priandana Woostagram Connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through 1.0.2.
network
low complexity
asepbagjapriandana CWE-434
critical
9.8
2024-10-20 CVE-2024-49329 Unrestricted Upload of File with Dangerous Type vulnerability in Vivektamrakar WP Rest API FNS
Unrestricted Upload of File with Dangerous Type vulnerability in Vivek Tamrakar WP REST API FNS allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through 1.0.0.
network
low complexity
vivektamrakar CWE-434
critical
9.8
2024-10-20 CVE-2024-49330 Unrestricted Upload of File with Dangerous Type vulnerability in Brx8R Nice Backgrounds
Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0.
network
low complexity
brx8r CWE-434
critical
9.8
2024-10-20 CVE-2024-49332 Deserialization of Untrusted Data vulnerability in Giveawayboost Giveaway Boost
Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4.
network
low complexity
giveawayboost CWE-502
critical
9.8
2024-10-20 CVE-2024-49607 Unrestricted Upload of File with Dangerous Type vulnerability in Redwanhilali WP Dropbox Dropins
Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0.
network
low complexity
redwanhilali CWE-434
critical
9.8
2024-10-20 CVE-2024-49610 Unrestricted Upload of File with Dangerous Type vulnerability in Jackzhu Photokit
Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0.
network
low complexity
jackzhu CWE-434
critical
9.8
2024-10-20 CVE-2024-49624 Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System
Deserialization of Untrusted Data vulnerability in Smartdevth Advanced Advertising System allows Object Injection.This issue affects Advanced Advertising System: from n/a through 1.3.1.
network
low complexity
smartdevth CWE-502
critical
9.8
2024-10-20 CVE-2024-49625 Deserialization of Untrusted Data vulnerability in Brandonclark Sitebuilder Dynamic Components
Deserialization of Untrusted Data vulnerability in Brandon Clark SiteBuilder Dynamic Components allows Object Injection.This issue affects SiteBuilder Dynamic Components: from n/a through 1.0.
network
low complexity
brandonclark CWE-502
critical
9.8
2024-10-20 CVE-2024-49286 Path Traversal vulnerability in Moridrin SSV Events
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7.
network
low complexity
moridrin CWE-22
critical
9.8