Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-58249 |
Description: In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are refused in wxWebRequestCURL.
CVSS: LOW (3.7) EPSS Score: 0.05%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40074 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/SystemSettings.php?f=update_settings, and the point of vulnerability is in the POST parameter 'short_name'.
EPSS Score: 0.03%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40073 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the template parameter at id_generator/admin/?page=generate&template=4.
EPSS Score: 0.02%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40072 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at id_generator/admin/?page=generate/index&id=1.
EPSS Score: 0.02%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40071 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via id_generator/classes/SystemSettings.php?f=update_settings. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
EPSS Score: 0.03%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40070 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain an arbitrary file upload vulnerability via id_generator/classes/Users.php?f=save. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
EPSS Score: 0.03%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40069 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain Stored Cross Site Scripting (XSS) via id_generator/classes/Users.php?f=save, and the point of vulnerability is in the POST parameter 'firstname' and 'lastname'.
EPSS Score: 0.03%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-40068 |
Description: Sourcecodester Online ID Generator System 1.0 was discovered to contain a SQL injection vulnerability via the id parameter at id_generator/admin/?page=templates/manage_template&id=1.
EPSS Score: 0.02%
April 16th, 2025 (6 days ago)
|
|
CVE-2024-25847 |
Description: SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and obtain sensitive information via Send::__construct() and importProducts::_addDataToDb methods.
EPSS Score: 0.04% SSVC Exploitation: none
April 16th, 2025 (6 days ago)
|
|
CVE-2024-25269 |
Description: libheif <= 1.17.6 contains a memory leak in the function JpegEncoder::Encode. This flaw allows an attacker to cause a denial of service attack.
CVSS: HIGH (7.5) EPSS Score: 0.06% SSVC Exploitation: poc
April 16th, 2025 (6 days ago)
|