CyberAlerts

CVE-2024-57548

CMSimple 5.16 allows the user to edit log.php file via print page.

Description: CMSimple 5.16 allows the user to edit log.php file via print page.

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-57547

Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the...

Description: Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files.

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-57546

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.

Description: An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-57373

Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary cod and obtain sensitive information.

Description: Cross Site Request Forgery vulnerability in LifestyleStore v.1.0 allows a remote attacker to execute arbitrary cod and obtain sensitive information.

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-57276

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured...

Description: In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges, enabling attackers to escalate privileges by replacing or placing a malicious executable in the service path.

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-57272

SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS).

Description: SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower is vulnerable to Cross Site Scripting (XSS).

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-57052

An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file.

Description: An issue in youdiancms v.9.5.20 and before allows a remote attacker to escalate privileges via the sessionID parameter in the index.php file.

EPSS Score: 0.04%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-56972

An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link.

Description: An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.06%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-56971

An issue in Zhiyuan Yuedu (Guangzhou) Literature Information Technology Co., Ltd Shuqi Novel iOS 5.3.8 allows attackers to access sensitive user...

Description: An issue in Zhiyuan Yuedu (Guangzhou) Literature Information Technology Co., Ltd Shuqi Novel iOS 5.3.8 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.06%

Source: CVE

January 28th, 2025 (6 months ago)

CVE-2024-56969

An issue in Pixocial Technology (Singapore) Pte. Ltd BeautyPlus iOS 7.8.010 allows attackers to access sensitive user information via supplying a...

Description: An issue in Pixocial Technology (Singapore) Pte. Ltd BeautyPlus iOS 7.8.010 allows attackers to access sensitive user information via supplying a crafted link.

EPSS Score: 0.06%

Source: CVE

January 28th, 2025 (6 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: