High Severity Vulnerabilities

111.5K CVEs classified as high severity

HIGH
Total CVEs
111.5K
Vulnerabilities
Avg CVSS
8.8
High
Max CVSS
8.8
Highest
Min CVSS
8.8
Lowest

Browse by Severity

Critical
28.6K
High
111.5K
Medium
128.7K
Low
9.9K

High Severity CVEs

Page 74 of 4645

CVE-2024-42617

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_config.php?action=save&var_id=32

CWE-3522024

CVE-2024-42616

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=remove&widget=Statistics

CWE-3522024

CVE-2024-42613

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=install&widget=akismet

CWE-3522024

CVE-2024-42612

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/domain_management.php?whitelist_add

CWE-3522024

CVE-2024-42611

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/admin_page.php?link_id=1&mode=delete

CWE-3522024

CVE-2024-42610

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=files

CWE-3522024

CVE-2024-42608

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/submit_page.php.

CWE-3522024

CVE-2024-42607

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=database

CWE-3522024

CVE-2024-42604

HIGH
CVSS:8.8(High)

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_group.php?mode=delete&group_id=3

CWE-3522024

CVE-2024-42599

HIGH
CVSS:8.8(High)

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that although admin_files.php imposes restrictions on edited files, attackers can still bypass these restric...

CWE-942024

CVE-2024-42586

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42585

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42584

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42583

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42582

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42579

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42577

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42576

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42566

HIGH
CVSS:8.8(High)

School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the password parameter at login.php

CWE-892024

CVE-2024-42561

HIGH
CVSS:8.8(High)

Pharmacy Management System commit a2efc8 was discovered to contain a SQL injection vulnerability via the invoice_number parameter at sales_report.php.

CWE-892024

CVE-2024-42557

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component admin_modify_room.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42555

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component admin_room_removed.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.

CWE-3522024

CVE-2024-42554

HIGH
CVSS:8.8(High)

Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the room_type parameter at admin_room_added.php.

CWE-892024

CVE-2024-42553

HIGH
CVSS:8.8(High)

A Cross-Site Request Forgery (CSRF) in the component admin_room_added.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges.

CWE-3522024