Threat and Vulnerability Intelligence Database


CVE-2024-22922

Description: An issue in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via a crafted script to the login page in the POST/index.php

EPSS Score: 0.51%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22903

Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function.

EPSS Score: 1.5%

SSVC Exploitation: poc

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22899

Description: Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function.

EPSS Score: 12.45%

SSVC Exploitation: poc

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22729

Description: NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page.

CVSS: CRITICAL (9.8)

EPSS Score: 91.17%

SSVC Exploitation: poc

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22725

Description: Orthanc versions before 1.12.2 are affected by a reflected cross-site scripting (XSS) vulnerability. The vulnerability was present in the server's error reporting.

CVSS: MEDIUM (6.1)

EPSS Score: 0.34%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22646

Description: An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.

EPSS Score: 0.2%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22626

Description: Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=.

EPSS Score: 0.14%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22625

Description: Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_category.php?id=.

EPSS Score: 0.08%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22529

Description: TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.

EPSS Score: 2.64%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)

CVE-2024-22048

Description: govuk_tech_docs versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page.

CVSS: MEDIUM (6.1)

EPSS Score: 1.18%

SSVC Exploitation: none

Source: CVE
June 4th, 2025 (4 days ago)