CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-49700

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ARPrice allows Reflected XSS. This issue affects ARPrice: from n/a through 4.0.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49699

Description: Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49688

Description: Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49666

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49655

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3.

CVSS: CRITICAL (9.3)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49333

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49303

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-49300

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-48392

Description: OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into user email due to lack of input validation, which could lead to account takeover.

EPSS Score: 0.05%

Source: CVE
January 22nd, 2025 (6 months ago)

CVE-2024-45687

Description: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in Payara Platform Payara Server (Grizzly, REST Management Interface modules), Payara Platform Payara Micro (Grizzly modules) allows Manipulating State, Identity Spoofing.This issue affects Payara Server: from 4.1.151 through 4.1.2.191.51, from 5.20.0 through 5.70.0, from 5.2020.2 through 5.2022.5, from 6.2022.1 through 6.2024.12, from 6.0.0 through 6.21.0; Payara Micro: from 4.1.152 through 4.1.2.191.51, from 5.20.0 through 5.70.0, from 5.2020.2 through 5.2022.5, from 6.2022.1 through 6.2024.12, from 6.0.0 through 6.21.0.

CVSS: LOW (2.4)

EPSS Score: 0.05%

Source: CVE
January 22nd, 2025 (6 months ago)