CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2024-49700 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound ARPrice allows Reflected XSS. This issue affects ARPrice: from n/a through 4.0.3.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49699 |
Description: Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3.
CVSS: HIGH (8.8) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49688 |
Description: Deserialization of Untrusted Data vulnerability in NotFound ARPrice allows Object Injection. This issue affects ARPrice: from n/a through 4.0.3.
CVSS: CRITICAL (9.8) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49666 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49655 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound ARPrice allows SQL Injection. This issue affects ARPrice: from n/a through 4.0.3.
CVSS: CRITICAL (9.3) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49333 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49303 |
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.
CVSS: HIGH (8.5) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-49300 |
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows Reflected XSS. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.
CVSS: HIGH (7.1) EPSS Score: 0.04%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-48392 |
Description: OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into user email due to lack of input validation, which could lead to account takeover.
EPSS Score: 0.05%
January 22nd, 2025 (6 months ago)
|
|
CVE-2024-45687 |
Description: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in Payara Platform Payara Server (Grizzly, REST Management Interface modules), Payara Platform Payara Micro (Grizzly modules) allows Manipulating State, Identity Spoofing.This issue affects Payara Server: from 4.1.151 through 4.1.2.191.51, from 5.20.0 through 5.70.0, from 5.2020.2 through 5.2022.5, from 6.2022.1 through 6.2024.12, from 6.0.0 through 6.21.0; Payara Micro: from 4.1.152 through 4.1.2.191.51, from 5.20.0 through 5.70.0, from 5.2020.2 through 5.2022.5, from 6.2022.1 through 6.2024.12, from 6.0.0 through 6.21.0.
CVSS: LOW (2.4) EPSS Score: 0.05%
January 22nd, 2025 (6 months ago)
|