Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-13 | CVE-2021-24620 | Unrestricted Upload of File with Dangerous Type vulnerability in Simple-E-Commerce-Shopping-Cart Project Simple-E-Commerce-Shopping-Cart The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. | 8.8 |
| 2021-09-13 | CVE-2021-24726 | Unspecified vulnerability in Wpsimplebookingcalendar WP Simple Booking Calendar The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not escape, validate or sanitise the orderby parameter in its Search Calendars action, before using it in a SQL statement, leading to an authenticated SQL injection issue | 8.8 |
| 2021-09-13 | CVE-2021-24727 | Unspecified vulnerability in Stopbadbots Block and Stop BAD Bots The StopBadBots WordPress plugin before 6.60 did not validate or escape the order and orderby GET parameter in some of its admin dashboard pages, leading to Authenticated SQL Injections | 8.8 |
| 2021-09-13 | CVE-2021-24728 | Unspecified vulnerability in Cozmoslabs Membership & Content Restriction - Paid Member Subscriptions The Membership & Content Restriction – Paid Member Subscriptions WordPress plugin before 2.4.2 did not sanitise, validate or escape its order and orderby parameters before using them in SQL statement, leading to Authenticated SQL Injections in the Members and Payments pages. | 8.8 |
| 2021-09-13 | CVE-2021-33545 | Out-of-bounds Write vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the counter parameter which may allow an attacker to remotely execute arbitrary code. | 7.2 |
| 2021-09-13 | CVE-2021-33546 | Unspecified vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the name parameter, which may allow an attacker to remotely execute arbitrary code. | 7.2 |
| 2021-09-13 | CVE-2021-33547 | Unspecified vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code. | 7.2 |
| 2021-09-13 | CVE-2021-33549 | Unspecified vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the action parameter, which may allow an attacker to remotely execute arbitrary code. | 7.2 |
| 2021-09-13 | CVE-2021-33551 | Unspecified vulnerability in Geutebrueck products Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code. | 7.2 |
| 2021-09-13 | CVE-2021-32136 | Out-of-bounds Write vulnerability in Gpac 1.0.1 Heap buffer overflow in the print_udta function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file. | 7.8 |