Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-55981 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nabajit Roy Nabz Image Gallery allows SQL Injection.This issue affects Nabz Image Gallery: from n/a through v1.00.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-55980 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Webriderz Wr Age Verification allows SQL Injection.This issue affects Wr Age Verification: from n/a through 2.0.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-55978 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WalletStation.com Code Generator Pro allows SQL Injection.This issue affects Code Generator Pro: from n/a through 1.2.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-55977 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in launch-page-importer LaunchPage.app Importer allows SQL Injection.This issue affects LaunchPage.app Importer: from n/a through 1.1.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-55976 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mike Leembruggen Critical Site Intel allows SQL Injection.This issue affects Critical Site Intel: from n/a through 1.0.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-55972 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Chris Carvache eTemplates allows SQL Injection.This issue affects eTemplates: from n/a through 0.2.1.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-55949 |
Description: MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit `580d9db85e04f1b63cc2909af50f0ed08afa965f`. This issue has been addressed in commit `f246c9053f9603e610d98439799bdd2a6b293427` which is included in RELEASE.2024-12-13T22-19-12Z. There are no workarounds possible, all users are advised to upgrade immediately.
CVSS: CRITICAL (9.3) EPSS Score: 0.05%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-54372 |
Description: Cross-Site Request Forgery (CSRF) vulnerability in Sourov Amin Insertify allows Code Injection.This issue affects Insertify: from n/a through 1.1.4.
CVSS: CRITICAL (9.6) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-54370 |
Description: Unrestricted Upload of File with Dangerous Type vulnerability in SuitePlugins Video & Photo Gallery for Ultimate Member allows Upload a Web Shell to a Web Server.This issue affects Video & Photo Gallery for Ultimate Member: from n/a through 1.1.0.
CVSS: CRITICAL (9.9) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|
|
CVE-2024-54369 |
Description: Missing Authorization vulnerability in ThemeHunk Zita Site Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through 1.0.2.
CVSS: CRITICAL (9.1) EPSS Score: 0.04%
December 17th, 2024 (4 months ago)
|