CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE-2024-56056

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kmfoysal06 SimpleCharm allows Reflected XSS.This issue affects SimpleCharm: from n/a through 1.4.3.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-53800

Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rezgo Rezgo allows PHP Local File Inclusion.This issue affects Rezgo: from n/a through 4.15.

CVSS: HIGH (8.1)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-51715

Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ClickWhale ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages allows Blind SQL Injection.This issue affects ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages: from n/a through 2.4.1.

CVSS: HIGH (8.5)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-51700

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 김 민준 (Minjun Kim) NAVER Analytics allows Stored XSS.This issue affects NAVER Analytics: from n/a through 0.9.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-51651

Description: Missing Authorization vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP Forms – All-in-One Form Builder: from n/a through 1.1.5.

CVSS: MEDIUM (5.3)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-49649

Description: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Abdul Hakeem Build App Online allows PHP Local File Inclusion.This issue affects Build App Online: from n/a through 1.0.23.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-49644

Description: Incorrect Privilege Assignment vulnerability in AllAccessible Team Accessibility by AllAccessible allows Privilege Escalation.This issue affects Accessibility by AllAccessible: from n/a through 1.3.4.

CVSS: HIGH (8.8)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-49633

Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.19.

CVSS: HIGH (7.1)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-49294

Description: Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through 5.4.3.

CVSS: MEDIUM (4.3)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)

CVE-2024-49249

Description: Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue affects SMSA Shipping: from n/a through 2.3.

CVSS: HIGH (8.6)

EPSS Score: 0.04%

Source: CVE
January 8th, 2025 (6 months ago)