CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

Example Searches:

CVE-2024-35048	An issue in SurveyKing v1.3.1 allows attackers to execute a session replay attack after a user changes their password. Description: An issue in SurveyKing v1.3.1 allows attackers to execute a session replay attack after a user changes their password. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-35039	idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area. Description: idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/tplSys_deal.php?mudi=area. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-35012	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close. Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=add&nohrefStr=close. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-35011	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close. Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoType_deal.php?mudi=rev&nohrefStr=close. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-35010	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/banner_deal.php?mudi=del&dataType=&dataTypeCN=%E5%9B%BE%E7%89%87%E5%B9%BF%E5%91%8A&theme=cs&dataID=6. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-35009	idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component... Description: idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/share_switch.php?mudi=switch&dataType=&fieldName=state&fieldName2=state&tabName=banner&dataID=6. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-34995	svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under... Description: svnWebUI v1.8.3 was discovered to contain an arbitrary file deletion vulnerability via the dirTemps parameter under com.cym.controller.UserController#importOver. This vulnerability allows attackers to delete arbitrary files via a crafted POST request. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-34982	An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via... Description: An arbitrary file upload vulnerability in the component /include/file.php of lylme_spage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file. EPSS Score: 0.08% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-34974	Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter. Description: Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)
CVE-2024-34959	DedeCMS V5.7.113 is vulnerable to Cross Site Scripting (XSS) via sys_data_replace.php. Description: DedeCMS V5.7.113 is vulnerable to Cross Site Scripting (XSS) via sys_data_replace.php. EPSS Score: 0.04% Source: CVE February 14th, 2025 (5 months ago)