Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-53821 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS.This issue affects Pie Register Premium: from n/a through n/a.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53817 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection.This issue affects Product Labels For Woocommerce: from n/a through 1.5.8.
CVSS: HIGH (7.6) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53815 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Blind SQL Injection.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53812 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames allows Reflected XSS.This issue affects WP GeoNames: from n/a through 1.8.
CVSS: HIGH (7.1) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53808 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows SQL Injection.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.8.
CVSS: HIGH (8.5) EPSS Score: 0.05%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53807 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (8.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53805 |
Description: Missing Authorization vulnerability in brandtoss WP Mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53804 |
Description: Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through 1.8.16.0.
CVSS: HIGH (7.5) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-53691 |
Description: A link following vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to traverse the file system to unintended locations.
We have already fixed the vulnerability in the following versions:
QTS 5.1.8.2823 build 20240712 and later
QTS 5.2.0.2802 build 20240620 and later
QuTS hero h5.1.8.2823 build 20240712 and later
QuTS hero h5.2.0.2802 build 20240620 and later
CVSS: HIGH (8.7) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|
|
CVE-2024-50393 |
Description: A command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands.
We have already fixed the vulnerability in the following versions:
QTS 5.1.9.2954 build 20241120 and later
QTS 5.2.2.2950 build 20241114 and later
QuTS hero h5.1.9.2954 build 20241120 and later
QuTS hero h5.2.2.2952 build 20241116 and later
CVSS: HIGH (8.7) EPSS Score: 0.04%
December 7th, 2024 (4 months ago)
|