CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
threatintel
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on November 21, 2024. These...
CVE Alert: CVE-2024-11620
Vulnerability Summary: CVE-2024-11620 Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO allows Code Injection.This issue...
CVE Alert: CVE-2024-49503
Vulnerability Summary: CVE-2024-49503 A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SUSE manager...
CVE Alert: CVE-2024-52474
Vulnerability Summary: CVE-2024-52474 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in LLC «TriIncom» Express...
CVE Alert: CVE-2024-11402
Vulnerability Summary: CVE-2024-11402 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP-speedup Block Editor Bootstrap Blocks...
CVE Alert: CVE-2024-52283
Vulnerability Summary: CVE-2024-52283 Missing sanitation of inputs allowed arbitrary users to conduct a stored XSS attack that triggers for users...
CVE Alert: CVE-2024-52481
Vulnerability Summary: CVE-2024-52481 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Astoundify Jobify - Job...
CVE Alert: CVE-2024-52490
Vulnerability Summary: CVE-2024-52490 Unrestricted Upload of File with Dangerous Type vulnerability in Pathomation allows Upload a Web Shell to a...
CVE Alert: CVE-2024-52495
Vulnerability Summary: CVE-2024-52495 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Eniture Technology Distance...
CVE Alert: CVE-2024-52496
Vulnerability Summary: CVE-2024-52496 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AbsolutePlugins...
CVE Alert: CVE-2024-52475
Vulnerability Summary: CVE-2024-52475 Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform Wawp allows Authentication Bypass.This...
[HUNTERS] – Ransomware Victim: Horsa
Ransomware Group: HUNTERS VICTIM NAME: Horsa NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[APT73] – Ransomware Victim: www[.]fpj[.]com[.]py
Ransomware Group: APT73 VICTIM NAME: wwwfpjcompy NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-53732
Vulnerability Summary: CVE-2024-53732 Cross-Site Request Forgery (CSRF) vulnerability in WP WOX Footer Flyout Widget allows Stored XSS.This issue affects Footer...
CVE Alert: CVE-2024-52497
Vulnerability Summary: CVE-2024-52497 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in quomodosoft...
CVE Alert: CVE-2024-52501
Vulnerability Summary: CVE-2024-52501 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in webbytemplate...
CVE Alert: CVE-2024-52499
Vulnerability Summary: CVE-2024-52499 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Kardi...
CVE Alert: CVE-2024-52498
Vulnerability Summary: CVE-2024-52498 Path Traversal: '.../...//' vulnerability in Softpulse Infotech SP Blog Designer allows PHP Local File Inclusion.This issue affects...
CVE Alert: CVE-2024-53737
Vulnerability Summary: CVE-2024-53737 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Mailster allows Stored XSS.This...
CVE Alert: CVE-2024-53736
Vulnerability Summary: CVE-2024-53736 Cross-Site Request Forgery (CSRF) vulnerability in Jason Grim Custom Shortcode Sidebars allows Stored XSS.This issue affects Custom...
CVE Alert: CVE-2024-8308
Vulnerability Summary: CVE-2024-8308 A low privileged remote attacker can insert a SQL injection in the web application due to improper...
CVE Alert: CVE-2024-53733
Vulnerability Summary: CVE-2024-53733 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rohit Harsh Fence URL allows...
CVE Alert: CVE-2024-53734
Vulnerability Summary: CVE-2024-53734 Cross-Site Request Forgery (CSRF) vulnerability in Idealien Studios Idealien Category Enhancements allows Stored XSS.This issue affects Idealien...
