diff --git a/2014/CVE-2014-4210.md b/2014/CVE-2014-4210.md
index a39e99dde0..df1dc67e87 100644
--- a/2014/CVE-2014-4210.md
+++ b/2014/CVE-2014-4210.md
@@ -86,6 +86,7 @@ Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusi
 - https://github.com/password520/RedTeamer
 - https://github.com/pwnagelabs/VEF
 - https://github.com/qi4L/WeblogicScan.go
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/rabbitmask/WeblogicScan
 - https://github.com/rabbitmask/WeblogicScanLot
 - https://github.com/rabbitmask/WeblogicScanServer
diff --git a/2016/CVE-2016-3088.md b/2016/CVE-2016-3088.md
index 32af1b79ea..050470689a 100644
--- a/2016/CVE-2016-3088.md
+++ b/2016/CVE-2016-3088.md
@@ -55,6 +55,7 @@ The Fileserver web application in Apache ActiveMQ 5.x before 5.14.0 allows remot
 - https://github.com/pravinsrc/NOTES-windows-kernel-links
 - https://github.com/pudiding/CVE-2016-3088
 - https://github.com/qazbnm456/awesome-cve-poc
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/retr0-13/Goby
 - https://github.com/sponkmonk/Ladon_english_update
 - https://github.com/t0m4too/t0m4to
diff --git a/2017/CVE-2017-12615.md b/2017/CVE-2017-12615.md
index b9e4ce4c73..68318c8f7a 100644
--- a/2017/CVE-2017-12615.md
+++ b/2017/CVE-2017-12615.md
@@ -91,6 +91,7 @@ When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.
 - https://github.com/q99266/saury-vulnhub
 - https://github.com/qazbnm456/awesome-cve-poc
 - https://github.com/qiantu88/Tomcat-Exploit
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/qiwentaidi/Slack
 - https://github.com/r0eXpeR/redteam_vul
 - https://github.com/safe6Sec/PentestNote
diff --git a/2017/CVE-2017-14849.md b/2017/CVE-2017-14849.md
index c513588f4b..c883393e6a 100644
--- a/2017/CVE-2017-14849.md
+++ b/2017/CVE-2017-14849.md
@@ -41,6 +41,7 @@ No PoCs from references.
 - https://github.com/merlinepedra25/nuclei-templates
 - https://github.com/openx-org/BLEN
 - https://github.com/q99266/saury-vulnhub
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/ronoski/j2ee-rscan
 - https://github.com/snyk-labs/container-breaking-in-goof
 - https://github.com/sobinge/nuclei-templates
diff --git a/2017/CVE-2017-16894.md b/2017/CVE-2017-16894.md
index a531aef320..859ff78cd2 100644
--- a/2017/CVE-2017-16894.md
+++ b/2017/CVE-2017-16894.md
@@ -26,5 +26,6 @@ In Laravel framework through 5.5.21, remote attackers can obtain sensitive infor
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/Z0fhack/Goby_POC
 - https://github.com/d4n-sec/d4n-sec.github.io
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/v4p0r/rooon-fiuuu
 
diff --git a/2017/CVE-2017-18349.md b/2017/CVE-2017-18349.md
index d5eb050aeb..373892b184 100644
--- a/2017/CVE-2017-18349.md
+++ b/2017/CVE-2017-18349.md
@@ -37,4 +37,5 @@ parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0
 - https://github.com/luckyfuture0177/VULOnceMore
 - https://github.com/openx-org/BLEN
 - https://github.com/pan2013e/ppt4j
+- https://github.com/qiuluo-oss/Tiger
 
diff --git a/2018/CVE-2018-1273.md b/2018/CVE-2018-1273.md
index 8f5cfbaf18..e69ab7c233 100644
--- a/2018/CVE-2018-1273.md
+++ b/2018/CVE-2018-1273.md
@@ -67,6 +67,7 @@ Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older
 - https://github.com/nBp1Ng/SpringFramework-Vul
 - https://github.com/onewinner/VulToolsKit
 - https://github.com/qazbnm456/awesome-cve-poc
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/ronoski/j2ee-rscan
 - https://github.com/seal-community/patches
 - https://github.com/snowlovely/HacLang
diff --git a/2018/CVE-2018-18778.md b/2018/CVE-2018-18778.md
index de600ff33e..d8978a5ab5 100644
--- a/2018/CVE-2018-18778.md
+++ b/2018/CVE-2018-18778.md
@@ -36,4 +36,5 @@ No PoCs from references.
 - https://github.com/openx-org/BLEN
 - https://github.com/petitfleur/prov_navigator
 - https://github.com/provnavigator/prov_navigator
+- https://github.com/qiuluo-oss/Tiger
 
diff --git a/2019/CVE-2019-0232.md b/2019/CVE-2019-0232.md
index f5d73fb14b..64441ee613 100644
--- a/2019/CVE-2019-0232.md
+++ b/2019/CVE-2019-0232.md
@@ -41,6 +41,7 @@ When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/pyn3rd/CVE-2019-0232
 - https://github.com/qazbnm456/awesome-cve-poc
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/r0eXpeR/redteam_vul
 - https://github.com/rootameen/vulpine
 - https://github.com/safe6Sec/PentestNote
diff --git a/2019/CVE-2019-11358.md b/2019/CVE-2019-11358.md
index 12f2a2096e..5324252f04 100644
--- a/2019/CVE-2019-11358.md
+++ b/2019/CVE-2019-11358.md
@@ -3598,6 +3598,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/pcrobotics2/2023-15425-CenterStage
 - https://github.com/pcrobotics2/2023-19545-CenterStage
 - https://github.com/pcrobotics2/2023-22130-CenterStage
+- https://github.com/perfectparadox8400/8400_2024
 - https://github.com/petergriffinnn/code
 - https://github.com/petthepotat-dump/FTC-22-23-Refactored
 - https://github.com/pgdev1729/FTC-Robot-Controller-Centerstage
diff --git a/2020/CVE-2020-10199.md b/2020/CVE-2020-10199.md
index 29e0a0b244..f71f64a426 100644
--- a/2020/CVE-2020-10199.md
+++ b/2020/CVE-2020-10199.md
@@ -88,6 +88,7 @@ Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
 - https://github.com/xuetusummer/Penetration_Testing_POC
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/CVE-2020-10199_POC-EXP
 - https://github.com/zhzyker/exphub
 - https://github.com/zoroqi/my-awesome
diff --git a/2020/CVE-2020-10204.md b/2020/CVE-2020-10204.md
index a1849459d4..a0d78a2e32 100644
--- a/2020/CVE-2020-10204.md
+++ b/2020/CVE-2020-10204.md
@@ -77,6 +77,7 @@ Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution.
 - https://github.com/xuetusummer/Penetration_Testing_POC
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/CVE-2020-10204
 - https://github.com/zhzyker/exphub
 - https://github.com/zoroqi/my-awesome
diff --git a/2020/CVE-2020-11444.md b/2020/CVE-2020-11444.md
index 39414e3d0c..de05b7a057 100644
--- a/2020/CVE-2020-11444.md
+++ b/2020/CVE-2020-11444.md
@@ -48,6 +48,7 @@ Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect A
 - https://github.com/soosmile/POC
 - https://github.com/weeka10/-hktalent-TOP
 - https://github.com/whoadmin/pocs
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/CVE-2020-11444
 - https://github.com/zhzyker/exphub
 - https://github.com/zoroqi/my-awesome
diff --git a/2020/CVE-2020-13945.md b/2020/CVE-2020-13945.md
index 0e7f91fda2..659a36494b 100644
--- a/2020/CVE-2020-13945.md
+++ b/2020/CVE-2020-13945.md
@@ -24,6 +24,7 @@ In Apache APISIX, the user enabled the Admin API and deleted the Admin API acces
 - https://github.com/bakery312/Vulhub-Reproduce
 - https://github.com/bigblackhat/oFx
 - https://github.com/openx-org/BLEN
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/samurai411/toolbox
 - https://github.com/t0m4too/t0m4to
 - https://github.com/tanjiti/sec_profile
diff --git a/2020/CVE-2020-14882.md b/2020/CVE-2020-14882.md
index df94c73c64..3eca45b06f 100644
--- a/2020/CVE-2020-14882.md
+++ b/2020/CVE-2020-14882.md
@@ -190,6 +190,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
 - https://github.com/yichensec/Bug_writer
 - https://github.com/yyzsec/2021SecWinterTask
 - https://github.com/zer0yu/Awesome-CobaltStrike
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/exphub
 - https://github.com/zhzyker/vulmap
 - https://github.com/zoroqi/my-awesome
diff --git a/2020/CVE-2020-1938.md b/2020/CVE-2020-1938.md
index 5a233ee44a..43420de9aa 100644
--- a/2020/CVE-2020-1938.md
+++ b/2020/CVE-2020-1938.md
@@ -216,6 +216,7 @@ When using the Apache JServ Protocol (AJP), care must be taken when trusting inc
 - https://github.com/yedada-wei/gongkaishouji
 - https://github.com/yq1ng/Java
 - https://github.com/ze0r/GhostCat-LFI-exp
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/exphub
 - https://github.com/zoroqi/my-awesome
 
diff --git a/2020/CVE-2020-2551.md b/2020/CVE-2020-2551.md
index 5bc50d3de0..368ee88e51 100644
--- a/2020/CVE-2020-2551.md
+++ b/2020/CVE-2020-2551.md
@@ -176,6 +176,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
 - https://github.com/zema1/oracle-vuln-crawler
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/exphub
 - https://github.com/zoroqi/my-awesome
 - https://github.com/zzwlpx/weblogicPoc
diff --git a/2020/CVE-2020-2555.md b/2020/CVE-2020-2555.md
index 340ad94501..65ac0c4fb4 100644
--- a/2020/CVE-2020-2555.md
+++ b/2020/CVE-2020-2555.md
@@ -163,6 +163,7 @@ Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (compo
 - https://github.com/xuetusummer/Penetration_Testing_POC
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/exphub
 - https://github.com/zhzyker/vulmap
 - https://github.com/zoroqi/my-awesome
diff --git a/2020/CVE-2020-2883.md b/2020/CVE-2020-2883.md
index cebce7b00f..5c18400272 100644
--- a/2020/CVE-2020-2883.md
+++ b/2020/CVE-2020-2883.md
@@ -125,6 +125,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
 - https://github.com/xuetusummer/Penetration_Testing_POC
 - https://github.com/yedada-wei/-
 - https://github.com/yedada-wei/gongkaishouji
+- https://github.com/zhaojunliing/awesome-stars
 - https://github.com/zhzyker/exphub
 - https://github.com/zhzyker/vulmap
 - https://github.com/zoroqi/my-awesome
diff --git a/2020/CVE-2020-5410.md b/2020/CVE-2020-5410.md
index 17b81988b1..d2dcfc274f 100644
--- a/2020/CVE-2020-5410.md
+++ b/2020/CVE-2020-5410.md
@@ -71,6 +71,7 @@ No PoCs from references.
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
 - https://github.com/pentration/gongkaishouji
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/readloud/Awesome-Stars
 - https://github.com/ronoski/j2ee-rscan
 - https://github.com/shadowsock5/spring-cloud-config-starter
diff --git a/2021/CVE-2021-21315.md b/2021/CVE-2021-21315.md
index c3e12b2fe4..688296dc55 100644
--- a/2021/CVE-2021-21315.md
+++ b/2021/CVE-2021-21315.md
@@ -49,6 +49,7 @@ No PoCs from references.
 - https://github.com/mmk-1/kubernetes-poc
 - https://github.com/n1sh1th/CVE-POC
 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/slimtoolkit/slim
 - https://github.com/soosmile/POC
 - https://github.com/superlink996/chunqiuyunjingbachang
diff --git a/2021/CVE-2021-3129.md b/2021/CVE-2021-3129.md
index 9b13889457..f80d7d11cf 100644
--- a/2021/CVE-2021-3129.md
+++ b/2021/CVE-2021-3129.md
@@ -119,6 +119,7 @@ Ignition before 2.5.2, as used in Laravel and other products, allows unauthentic
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
 - https://github.com/qingchenhh/Tools-collection
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/r3volved/CVEAggregate
 - https://github.com/ramimac/aws-customer-security-incidents
 - https://github.com/randolphcyg/nuclei-plus
diff --git a/2021/CVE-2021-45232.md b/2021/CVE-2021-45232.md
index 6a45abcffd..68428be30a 100644
--- a/2021/CVE-2021-45232.md
+++ b/2021/CVE-2021-45232.md
@@ -57,6 +57,7 @@ No PoCs from references.
 - https://github.com/pen4uin/awesome-vulnerability-research
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/soosmile/POC
 - https://github.com/t0m4too/t0m4to
 - https://github.com/trhacknon/Pocingit
diff --git a/2022/CVE-2022-1526.md b/2022/CVE-2022-1526.md
index 99aa41e552..01b1d7d63d 100644
--- a/2022/CVE-2022-1526.md
+++ b/2022/CVE-2022-1526.md
@@ -11,6 +11,7 @@ A vulnerability, which was classified as problematic, was found in Emlog Pro up
 
 #### Reference
 - https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md
+- https://vuldb.com/?id.198705
 
 #### Github
 No PoCs found on GitHub currently.
diff --git a/2022/CVE-2022-40734.md b/2022/CVE-2022-40734.md
index 67df4c4e96..aa714a658b 100644
--- a/2022/CVE-2022-40734.md
+++ b/2022/CVE-2022-40734.md
@@ -23,4 +23,5 @@ UniSharp laravel-filemanager (aka Laravel Filemanager) before 2.6.4 allows downl
 - https://github.com/Miraitowa70/POC-Notes
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/d4n-sec/d4n-sec.github.io
+- https://github.com/qiuluo-oss/Tiger
 
diff --git a/2022/CVE-2022-41678.md b/2022/CVE-2022-41678.md
index ac4b334208..8bc28eabe5 100644
--- a/2022/CVE-2022-41678.md
+++ b/2022/CVE-2022-41678.md
@@ -20,6 +20,7 @@ No PoCs from references.
 - https://github.com/Threekiii/Vulhub-Reproduce
 - https://github.com/bakery312/Vulhub-Reproduce
 - https://github.com/d4n-sec/d4n-sec.github.io
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/tanjiti/sec_profile
 - https://github.com/wjlin0/poc-doc
 - https://github.com/wy876/POC
diff --git a/2022/CVE-2022-43634.md b/2022/CVE-2022-43634.md
index 6774997e6a..9fe734fbdb 100644
--- a/2022/CVE-2022-43634.md
+++ b/2022/CVE-2022-43634.md
@@ -13,5 +13,6 @@ This vulnerability allows remote attackers to execute arbitrary code on affected
 No PoCs from references.
 
 #### Github
+- https://github.com/DiRaltvein/memory-corruption-examples
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2023/CVE-2023-0926.md b/2023/CVE-2023-0926.md
new file mode 100644
index 0000000000..d5729ac761
--- /dev/null
+++ b/2023/CVE-2023-0926.md
@@ -0,0 +1,17 @@
+### [CVE-2023-0926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0926)
+![](https://img.shields.io/static/v1?label=Product&message=Custom%20Permalinks&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.6.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Custom Permalinks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.6.0 due to insufficient input sanitization and output escaping on tag names. This allows authenticated users, with editor-level permissions or greater to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, even when 'unfiltered_html' has been disabled.
+
+### POC
+
+#### Reference
+- https://github.com/samiahmedsiddiqui/custom-permalinks/pull/96
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-2414.md b/2023/CVE-2023-2414.md
index 34d1a0fc65..ee4bcf6e5d 100644
--- a/2023/CVE-2023-2414.md
+++ b/2023/CVE-2023-2414.md
@@ -1,11 +1,11 @@
 ### [CVE-2023-2414](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2414)
 ![](https://img.shields.io/static/v1?label=Product&message=Online%20Booking%20%26%20Scheduling%20Calendar%20for%20WordPress%20by%20vcita&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%204.2.10%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%204.4.6%20&color=brighgreen)
 ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
 
 ### Description
 
-The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_save_settings_callback function in versions up to, and including, 4.2.10. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to modify the plugins settings, upload media files, and inject malicious JavaScript.
+The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_save_settings_callback function in versions up to, and including, 4.4.6. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to modify the plugins settings, upload arbitrary files, and inject malicious JavaScript (before 4.3.2).
 
 ### POC
 
diff --git a/2023/CVE-2023-27772.md b/2023/CVE-2023-27772.md
new file mode 100644
index 0000000000..82c529d1ee
--- /dev/null
+++ b/2023/CVE-2023-27772.md
@@ -0,0 +1,17 @@
+### [CVE-2023-27772](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27772)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+libiec61850 v1.5.1 was discovered to contain a segmentation violation via the function ControlObjectClient_setOrigin() at /client/client_control.c.
+
+### POC
+
+#### Reference
+- https://github.com/mz-automation/libiec61850/issues/442
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-38646.md b/2023/CVE-2023-38646.md
index 52ea0f5e8f..a6fea9eda3 100644
--- a/2023/CVE-2023-38646.md
+++ b/2023/CVE-2023-38646.md
@@ -83,6 +83,7 @@ Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all
 - https://github.com/passwa11/2023Hvv_
 - https://github.com/passwa11/CVE-2023-38646
 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/raytheon0x21/CVE-2023-38646
 - https://github.com/robotmikhro/CVE-2023-38646
 - https://github.com/samurai411/toolbox
diff --git a/2023/CVE-2023-41101.md b/2023/CVE-2023-41101.md
new file mode 100644
index 0000000000..3b9fb1bc2c
--- /dev/null
+++ b/2023/CVE-2023-41101.md
@@ -0,0 +1,17 @@
+### [CVE-2023-41101](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41101)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in the captive portal in OpenNDS before version 10.1.3. get_query in http_microhttpd.c does not validate the length of the query string of GET requests. This leads to a stack-based buffer overflow in versions 9.x and earlier, and to a heap-based buffer overflow in versions 10.x and later. Attackers may exploit the issue to crash OpenNDS (Denial-of-Service condition) or to inject and execute arbitrary bytecode (Remote Code Execution). Affected OpenNDS before version 10.1.3 fixed in OpenWrt master and OpenWrt 23.05 on 23. November by updating OpenNDS to version 10.2.0.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/DiRaltvein/memory-corruption-examples
+
diff --git a/2023/CVE-2023-4442.md b/2023/CVE-2023-4442.md
index 14bb584c29..5a00cea6f0 100644
--- a/2023/CVE-2023-4442.md
+++ b/2023/CVE-2023-4442.md
@@ -10,7 +10,7 @@ A vulnerability was found in SourceCodester Free Hospital Management System for
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://vuldb.com/?id.237563
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2023/CVE-2023-4449.md b/2023/CVE-2023-4449.md
new file mode 100644
index 0000000000..b4e25eb80e
--- /dev/null
+++ b/2023/CVE-2023-4449.md
@@ -0,0 +1,17 @@
+### [CVE-2023-4449](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4449)
+![](https://img.shields.io/static/v1?label=Product&message=Free%20and%20Open%20Source%20Inventory%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php?page=member. The manipulation of the argument columns[0][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-237570 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.237570
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-44709.md b/2023/CVE-2023-44709.md
index 900a2b5653..3608aad0e8 100644
--- a/2023/CVE-2023-44709.md
+++ b/2023/CVE-2023-44709.md
@@ -13,5 +13,5 @@ PlutoSVG commit 336c02997277a1888e6ccbbbe674551a0582e5c4 and before was discover
 - https://github.com/sammycage/plutosvg/issues/7
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/DiRaltvein/memory-corruption-examples
 
diff --git a/2023/CVE-2023-4741.md b/2023/CVE-2023-4741.md
index 95606f037e..88555533ee 100644
--- a/2023/CVE-2023-4741.md
+++ b/2023/CVE-2023-4741.md
@@ -10,7 +10,7 @@ A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://vuldb.com/?id.238630
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2023/CVE-2023-4745.md b/2023/CVE-2023-4745.md
index 32cee61722..6b186e9249 100644
--- a/2023/CVE-2023-4745.md
+++ b/2023/CVE-2023-4745.md
@@ -11,6 +11,7 @@ A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Inte
 
 #### Reference
 - https://github.com/Jacky-Y/vuls/blob/main/vul6.md
+- https://vuldb.com/?id.238634
 
 #### Github
 No PoCs found on GitHub currently.
diff --git a/2023/CVE-2023-49485.md b/2023/CVE-2023-49485.md
new file mode 100644
index 0000000000..857f1d9fc9
--- /dev/null
+++ b/2023/CVE-2023-49485.md
@@ -0,0 +1,17 @@
+### [CVE-2023-49485](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49485)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+JFinalCMS v5.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the column management department.
+
+### POC
+
+#### Reference
+- https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2023/CVE-2023-4987.md b/2023/CVE-2023-4987.md
index b95964e22f..d79a354725 100644
--- a/2023/CVE-2023-4987.md
+++ b/2023/CVE-2023-4987.md
@@ -11,6 +11,7 @@ A vulnerability, which was classified as critical, has been found in infinitiete
 
 #### Reference
 - http://packetstormsecurity.com/files/174760/Taskhub-2.8.7-SQL-Injection.html
+- https://vuldb.com/?id.239798
 
 #### Github
 No PoCs found on GitHub currently.
diff --git a/2023/CVE-2023-4991.md b/2023/CVE-2023-4991.md
new file mode 100644
index 0000000000..78c013cee3
--- /dev/null
+++ b/2023/CVE-2023-4991.md
@@ -0,0 +1,17 @@
+### [CVE-2023-4991](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4991)
+![](https://img.shields.io/static/v1?label=Product&message=QWAlerter&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%204.50%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-428%20Unquoted%20Search%20Path&color=brighgreen)
+
+### Description
+
+A vulnerability was found in NextBX QWAlerter 4.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file QWAlerter.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The identifier of this vulnerability is VDB-239804. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.239804
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-20767.md b/2024/CVE-2024-20767.md
index ba0f40a2fe..a622b8fa82 100644
--- a/2024/CVE-2024-20767.md
+++ b/2024/CVE-2024-20767.md
@@ -24,6 +24,7 @@ No PoCs from references.
 - https://github.com/m-cetin/CVE-2024-20767
 - https://github.com/netlas-io/netlas-dorks
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/tanjiti/sec_profile
 - https://github.com/trganda/starrlist
 - https://github.com/wjlin0/poc-doc
diff --git a/2024/CVE-2024-21689.md b/2024/CVE-2024-21689.md
new file mode 100644
index 0000000000..29fb152da2
--- /dev/null
+++ b/2024/CVE-2024-21689.md
@@ -0,0 +1,18 @@
+### [CVE-2024-21689](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21689)
+![](https://img.shields.io/static/v1?label=Product&message=Bamboo%20Data%20Center&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Bamboo%20Server&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=RCE%20(Remote%20Code%20Execution)&color=brighgreen)
+
+### Description
+
+This High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689  was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, and 9.6.0 of Bamboo Data Center and Server.

This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.6, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction.

Atlassian recommends that Bamboo Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
 Bamboo Data Center and Server 9.2: Upgrade to a release greater than or equal to 9.2.17

 Bamboo Data Center and Server 9.6: Upgrade to a release greater than or equal to 9.6.5

See the release notes ([https://confluence.atlassian.com/bambooreleases/bamboo-release-notes-1189793869.html]). You can download the latest version of Bamboo Data Center and Server from the download center ([https://www.atlassian.com/software/bamboo/download-archives]).

This vulnerability was reported via our Bug Bounty program.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+
diff --git a/2024/CVE-2024-21733.md b/2024/CVE-2024-21733.md
index a509daba60..b520428428 100644
--- a/2024/CVE-2024-21733.md
+++ b/2024/CVE-2024-21733.md
@@ -18,6 +18,7 @@ Generation of Error Message Containing Sensitive Information vulnerability in Ap
 - https://github.com/Ostorlab/KEV
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/tanjiti/sec_profile
 - https://github.com/versio-io/product-lifecycle-security-api
 - https://github.com/wjlin0/poc-doc
diff --git a/2024/CVE-2024-22263.md b/2024/CVE-2024-22263.md
index 3565b97182..46cc7cc51b 100644
--- a/2024/CVE-2024-22263.md
+++ b/2024/CVE-2024-22263.md
@@ -14,4 +14,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/tanjiti/sec_profile
 
diff --git a/2024/CVE-2024-2887.md b/2024/CVE-2024-2887.md
index bc13914fd1..978a94303d 100644
--- a/2024/CVE-2024-2887.md
+++ b/2024/CVE-2024-2887.md
@@ -13,5 +13,6 @@ Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a
 No PoCs from references.
 
 #### Github
+- https://github.com/TrojanAZhen/Self_Back
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-34065.md b/2024/CVE-2024-34065.md
new file mode 100644
index 0000000000..4d1eaa2b21
--- /dev/null
+++ b/2024/CVE-2024-34065.md
@@ -0,0 +1,18 @@
+### [CVE-2024-34065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34065)
+![](https://img.shields.io/static/v1?label=Product&message=strapi&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%204.24.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-294%3A%20Authentication%20Bypass%20by%20Capture-replay&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-601%3A%20URL%20Redirection%20to%20Untrusted%20Site%20('Open%20Redirect')&color=brighgreen)
+
+### Description
+
+Strapi is an open-source content management system. By combining two vulnerabilities (an `Open Redirect` and `session token sent as URL query parameter`) in @strapi/plugin-users-permissions before version 4.24.2, is its possible of an unauthenticated attacker to bypass authentication mechanisms and retrieve the 3rd party tokens. The attack requires user interaction (one click). Unauthenticated attackers can leverage two vulnerabilities to obtain an 3rd party token and the bypass authentication of Strapi apps. Users should upgrade @strapi/plugin-users-permissions to version 4.24.2 to receive a patch.
+
+### POC
+
+#### Reference
+- https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-34312.md b/2024/CVE-2024-34312.md
index cbb2662005..c5032d08d8 100644
--- a/2024/CVE-2024-34312.md
+++ b/2024/CVE-2024-34312.md
@@ -10,7 +10,7 @@ Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cros
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/vincentscode/CVE-2024-34312
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2024/CVE-2024-34329.md b/2024/CVE-2024-34329.md
index 694ec33cec..2309f762b8 100644
--- a/2024/CVE-2024-34329.md
+++ b/2024/CVE-2024-34329.md
@@ -10,7 +10,7 @@ Insecure permissions in Entrust Datacard XPS Card Printer Driver 8.4 and earlier
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/pamoutaf/CVE-2024-34329/blob/main/README.md
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2024/CVE-2024-34361.md b/2024/CVE-2024-34361.md
index a47475f69d..e969b4a99a 100644
--- a/2024/CVE-2024-34361.md
+++ b/2024/CVE-2024-34361.md
@@ -10,7 +10,7 @@ Pi-hole is a DNS sinkhole that protects devices from unwanted content without in
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/pi-hole/pi-hole/security/advisories/GHSA-jg6g-rrj6-xfg6
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2024/CVE-2024-34452.md b/2024/CVE-2024-34452.md
index a20ff1e7f9..7ef31cb89b 100644
--- a/2024/CVE-2024-34452.md
+++ b/2024/CVE-2024-34452.md
@@ -10,7 +10,7 @@ CMSimple_XH 1.7.6 allows XSS by uploading a crafted SVG document.
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/surajhacx/CVE-2024-34452/
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
diff --git a/2024/CVE-2024-34702.md b/2024/CVE-2024-34702.md
new file mode 100644
index 0000000000..c4980f444c
--- /dev/null
+++ b/2024/CVE-2024-34702.md
@@ -0,0 +1,17 @@
+### [CVE-2024-34702](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34702)
+![](https://img.shields.io/static/v1?label=Product&message=botan&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%202.19.5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-405%3A%20Asymmetric%20Resource%20Consumption%20(Amplification)&color=brighgreen)
+
+### Description
+
+Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters.  Prior to 3.5.0 and 2.19.5, checking name constraints in X.509 certificates is quadratic in the number of names and name constraints. An attacker who presented a certificate chain which contained a very large number of names in the SubjectAlternativeName, signed by a CA certificate which contained a large number of name constraints, could cause a denial of service. The problem has been addressed in Botan 3.5.0 and a partial backport has also been applied and is included in Botan 2.19.5.
+
+### POC
+
+#### Reference
+- https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-34703.md b/2024/CVE-2024-34703.md
new file mode 100644
index 0000000000..ab5f0fac74
--- /dev/null
+++ b/2024/CVE-2024-34703.md
@@ -0,0 +1,18 @@
+### [CVE-2024-34703](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34703)
+![](https://img.shields.io/static/v1?label=Product&message=botan&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%203.3.0%2C%20%3C%203.3.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-405%3A%20Asymmetric%20Resource%20Consumption%20(Amplification)&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-770%3A%20Allocation%20of%20Resources%20Without%20Limits%20or%20Throttling&color=brighgreen)
+
+### Description
+
+Botan is a C++ cryptography library. X.509 certificates can identify elliptic curves using either an object identifier or using explicit encoding of the parameters. Prior to versions 3.3.0 and 2.19.4, an attacker could present an ECDSA X.509 certificate using explicit encoding where the parameters are very large. The proof of concept used a 16Kbit prime for this purpose. When parsing, the parameter is checked to be prime, causing excessive computation. This was patched in 2.19.4 and 3.3.0 to allow the prime parameter of the elliptic curve to be at most 521 bits. No known workarounds are available. Note that support for explicit encoding of elliptic curve parameters is deprecated in Botan.
+
+### POC
+
+#### Reference
+- https://github.com/randombit/botan/security/advisories/GHSA-w4g2-7m2h-7xj7
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-35325.md b/2024/CVE-2024-35325.md
new file mode 100644
index 0000000000..a624f24512
--- /dev/null
+++ b/2024/CVE-2024-35325.md
@@ -0,0 +1,17 @@
+### [CVE-2024-35325](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35325)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A vulnerability was found in libyaml up to 0.2.5. Affected by this issue is the function yaml_event_delete of the file /src/libyaml/src/api.c. The manipulation leads to a double-free.
+
+### POC
+
+#### Reference
+- https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35325.c
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-36514.md b/2024/CVE-2024-36514.md
new file mode 100644
index 0000000000..4f0447a0fe
--- /dev/null
+++ b/2024/CVE-2024-36514.md
@@ -0,0 +1,17 @@
+### [CVE-2024-36514](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36514)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in file summary option.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-36515.md b/2024/CVE-2024-36515.md
new file mode 100644
index 0000000000..e29604c675
--- /dev/null
+++ b/2024/CVE-2024-36515.md
@@ -0,0 +1,17 @@
+### [CVE-2024-36515](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36515)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard.Note: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-36516.md b/2024/CVE-2024-36516.md
new file mode 100644
index 0000000000..9aa458a468
--- /dev/null
+++ b/2024/CVE-2024-36516.md
@@ -0,0 +1,17 @@
+### [CVE-2024-36516](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36516)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in dashboard.Note: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-36517.md b/2024/CVE-2024-36517.md
new file mode 100644
index 0000000000..9881e40f4f
--- /dev/null
+++ b/2024/CVE-2024-36517.md
@@ -0,0 +1,17 @@
+### [CVE-2024-36517](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36517)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in alerts module.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-37311.md b/2024/CVE-2024-37311.md
new file mode 100644
index 0000000000..a517d4041a
--- /dev/null
+++ b/2024/CVE-2024-37311.md
@@ -0,0 +1,17 @@
+### [CVE-2024-37311](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37311)
+![](https://img.shields.io/static/v1?label=Product&message=online&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%2024.04.1.1%2C%20%3C%2024.04.4.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-295%3A%20Improper%20Certificate%20Validation&color=brighgreen)
+
+### Description
+
+Collabora Online is a collaborative online office suite based on LibreOffice. In affected versions of Collabora Online, https connections from coolwsd to other hosts may incompletely verify the remote host's certificate's against the full chain of trust. This vulnerability is fixed in Collabora Online 24.04.4.3, 23.05.14.1, and 22.05.23.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-38856.md b/2024/CVE-2024-38856.md
index 0203916410..bdb92d1ac2 100644
--- a/2024/CVE-2024-38856.md
+++ b/2024/CVE-2024-38856.md
@@ -20,6 +20,7 @@ No PoCs from references.
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/k3ppf0r/2024-PocLib
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/tanjiti/sec_profile
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki
diff --git a/2024/CVE-2024-38869.md b/2024/CVE-2024-38869.md
new file mode 100644
index 0000000000..263a77ebf9
--- /dev/null
+++ b/2024/CVE-2024-38869.md
@@ -0,0 +1,20 @@
+### [CVE-2024-38869](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38869)
+![](https://img.shields.io/static/v1?label=Product&message=ServiceDesk%20Plus%20MSP&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ServiceDesk%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SupportCenter%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%2014800%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%2014810%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+An Stored Cross-site Scripting vulnerability affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-39666.md b/2024/CVE-2024-39666.md
new file mode 100644
index 0000000000..acade1bcca
--- /dev/null
+++ b/2024/CVE-2024-39666.md
@@ -0,0 +1,17 @@
+### [CVE-2024-39666](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39666)
+![](https://img.shields.io/static/v1?label=Product&message=WooCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 9.1.2.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-40348.md b/2024/CVE-2024-40348.md
index 74b46c0c0a..bf42f98748 100644
--- a/2024/CVE-2024-40348.md
+++ b/2024/CVE-2024-40348.md
@@ -14,6 +14,7 @@ No PoCs from references.
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki
 
diff --git a/2024/CVE-2024-41150.md b/2024/CVE-2024-41150.md
new file mode 100644
index 0000000000..aa40334035
--- /dev/null
+++ b/2024/CVE-2024-41150.md
@@ -0,0 +1,20 @@
+### [CVE-2024-41150](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41150)
+![](https://img.shields.io/static/v1?label=Product&message=ServiceDesk%20Plus%20MSP&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=ServiceDesk%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SupportCenter%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%2014800%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%2014810%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+An Stored Cross-site Scripting vulnerability affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42040.md b/2024/CVE-2024-42040.md
new file mode 100644
index 0000000000..66a5b06edd
--- /dev/null
+++ b/2024/CVE-2024-42040.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42040](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42040)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four up to 32 bytes of memory stored behind the packet to the network depending on the later use of DHCP-provided parameters via crafted DHCP responses.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42764.md b/2024/CVE-2024-42764.md
new file mode 100644
index 0000000000..a5b7efb7dd
--- /dev/null
+++ b/2024/CVE-2024-42764.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42764](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42764)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42765.md b/2024/CVE-2024-42765.md
new file mode 100644
index 0000000000..35a8df62ff
--- /dev/null
+++ b/2024/CVE-2024-42765.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42765)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A SQL injection vulnerability in "/login.php" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the "email" or "password" Login page parameters.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42766.md b/2024/CVE-2024-42766.md
new file mode 100644
index 0000000000..30ec53f0c6
--- /dev/null
+++ b/2024/CVE-2024-42766.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42766)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42845.md b/2024/CVE-2024-42845.md
new file mode 100644
index 0000000000..6acc3053b1
--- /dev/null
+++ b/2024/CVE-2024-42845.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42845](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42845)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+
diff --git a/2024/CVE-2024-42915.md b/2024/CVE-2024-42915.md
new file mode 100644
index 0000000000..d9718d7fc8
--- /dev/null
+++ b/2024/CVE-2024-42915.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42915)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A host header injection vulnerability in Staff Appraisal System v1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This will allow attackers to arbitrarily reset other users' passwords and compromise their accounts.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-42918.md b/2024/CVE-2024-42918.md
new file mode 100644
index 0000000000..b5733a48f7
--- /dev/null
+++ b/2024/CVE-2024-42918.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42918)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php.
+
+### POC
+
+#### Reference
+- https://packetstormsecurity.com
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-42992.md b/2024/CVE-2024-42992.md
new file mode 100644
index 0000000000..4d69ab8e13
--- /dev/null
+++ b/2024/CVE-2024-42992.md
@@ -0,0 +1,17 @@
+### [CVE-2024-42992](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42992)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Python Pip Pandas v2.2.2 was discovered to contain an arbitrary file read vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/nomi-sec/PoC-in-GitHub
+
diff --git a/2024/CVE-2024-43238.md b/2024/CVE-2024-43238.md
index 235758e71e..1b7e6417d9 100644
--- a/2024/CVE-2024-43238.md
+++ b/2024/CVE-2024-43238.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43239.md b/2024/CVE-2024-43239.md
new file mode 100644
index 0000000000..62e7ab24a5
--- /dev/null
+++ b/2024/CVE-2024-43239.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43239](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43239)
+![](https://img.shields.io/static/v1?label=Product&message=Masteriyo%20-%20LMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+Authorization Bypass Through User-Controlled Key vulnerability in Masteriyo Masteriyo - LMS.This issue affects Masteriyo - LMS: from n/a through 1.11.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43240.md b/2024/CVE-2024-43240.md
new file mode 100644
index 0000000000..bda4bedd84
--- /dev/null
+++ b/2024/CVE-2024-43240.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43240](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43240)
+![](https://img.shields.io/static/v1?label=Product&message=Ultimate%20Membership%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%2012.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%20Improper%20Privilege%20Management&color=brighgreen)
+
+### Description
+
+Improper Privilege Management vulnerability in azzaroco Ultimate Membership Pro allows Privilege Escalation.This issue affects Ultimate Membership Pro: from n/a through 12.6.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43241.md b/2024/CVE-2024-43241.md
new file mode 100644
index 0000000000..1a34063593
--- /dev/null
+++ b/2024/CVE-2024-43241.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43241](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43241)
+![](https://img.shields.io/static/v1?label=Product&message=Ultimate%20Membership%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%2012.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azzaroco Ultimate Membership Pro allows Reflected XSS.This issue affects Ultimate Membership Pro: from n/a through 12.6.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43242.md b/2024/CVE-2024-43242.md
new file mode 100644
index 0000000000..65e31faf94
--- /dev/null
+++ b/2024/CVE-2024-43242.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43242](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43242)
+![](https://img.shields.io/static/v1?label=Product&message=Ultimate%20Membership%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%2012.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro allows Object Injection.This issue affects Ultimate Membership Pro: from n/a through 12.6.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43244.md b/2024/CVE-2024-43244.md
new file mode 100644
index 0000000000..f72156a338
--- /dev/null
+++ b/2024/CVE-2024-43244.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43244](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43244)
+![](https://img.shields.io/static/v1?label=Product&message=Houzez&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in favethemes Houzez allows Reflected XSS.This issue affects Houzez: from n/a through 3.2.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43245.md b/2024/CVE-2024-43245.md
new file mode 100644
index 0000000000..c5219162a6
--- /dev/null
+++ b/2024/CVE-2024-43245.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43245](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43245)
+![](https://img.shields.io/static/v1?label=Product&message=JobSearch&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.3.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%20Improper%20Privilege%20Management&color=brighgreen)
+
+### Description
+
+Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43246.md b/2024/CVE-2024-43246.md
new file mode 100644
index 0000000000..f671568ccc
--- /dev/null
+++ b/2024/CVE-2024-43246.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43246](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43246)
+![](https://img.shields.io/static/v1?label=Product&message=WHMpress&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%206.2-revision-5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in creativeon WHMpress allows Reflected XSS.This issue affects WHMpress: from n/a through 6.2-revision-5.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43247.md b/2024/CVE-2024-43247.md
new file mode 100644
index 0000000000..e9fdcc55e5
--- /dev/null
+++ b/2024/CVE-2024-43247.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43247](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43247)
+![](https://img.shields.io/static/v1?label=Product&message=WHMpress&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%206.2-revision-5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+
+### Description
+
+Missing Authorization vulnerability in creativeon WHMpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WHMpress: from n/a through 6.2-revision-5.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43248.md b/2024/CVE-2024-43248.md
new file mode 100644
index 0000000000..4e7d993961
--- /dev/null
+++ b/2024/CVE-2024-43248.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43248](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43248)
+![](https://img.shields.io/static/v1?label=Product&message=Bit%20Form%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.6.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bit Apps Bit Form Pro allows File Manipulation.This issue affects Bit Form Pro: from n/a through 2.6.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43249.md b/2024/CVE-2024-43249.md
new file mode 100644
index 0000000000..4f9dc926e7
--- /dev/null
+++ b/2024/CVE-2024-43249.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43249](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43249)
+![](https://img.shields.io/static/v1?label=Product&message=Bit%20Form%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.6.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen)
+
+### Description
+
+Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form Pro allows Command Injection.This issue affects Bit Form Pro: from n/a through 2.6.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43250.md b/2024/CVE-2024-43250.md
new file mode 100644
index 0000000000..5352138c67
--- /dev/null
+++ b/2024/CVE-2024-43250.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43250](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43250)
+![](https://img.shields.io/static/v1?label=Product&message=Bit%20Form%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.6.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Incorrect%20Authorization&color=brighgreen)
+
+### Description
+
+Incorrect Authorization vulnerability in Bit Apps Bit Form Pro bitformpro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bit Form Pro: from n/a through 2.6.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43252.md b/2024/CVE-2024-43252.md
new file mode 100644
index 0000000000..1cde73604c
--- /dev/null
+++ b/2024/CVE-2024-43252.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43252](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43252)
+![](https://img.shields.io/static/v1?label=Product&message=Crew%20HRM&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue affects Crew HRM: from n/a through 1.1.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43256.md b/2024/CVE-2024-43256.md
new file mode 100644
index 0000000000..72708b306a
--- /dev/null
+++ b/2024/CVE-2024-43256.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43256](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43256)
+![](https://img.shields.io/static/v1?label=Product&message=Leopard%20-%20WordPress%20offload%20media&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.0.36%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+
+### Description
+
+Missing Authorization vulnerability in nouthemes Leopard - WordPress offload media allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Leopard - WordPress offload media: from n/a through 2.0.36.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43261.md b/2024/CVE-2024-43261.md
new file mode 100644
index 0000000000..025ed51c52
--- /dev/null
+++ b/2024/CVE-2024-43261.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43261](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43261)
+![](https://img.shields.io/static/v1?label=Product&message=Compute%20Links&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%201.2.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-98%20Improper%20Control%20of%20Filename%20for%20Include%2FRequire%20Statement%20in%20PHP%20Program%20('PHP%20Remote%20File%20Inclusion')&color=brighgreen)
+
+### Description
+
+Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Hamed Naderfar Compute Links allows PHP Remote File Inclusion.This issue affects Compute Links: from n/a through 1.2.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43262.md b/2024/CVE-2024-43262.md
new file mode 100644
index 0000000000..e93e897ead
--- /dev/null
+++ b/2024/CVE-2024-43262.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43262](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43262)
+![](https://img.shields.io/static/v1?label=Product&message=Busiprof&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.4.8%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webriti Busiprof allows Stored XSS.This issue affects Busiprof: from n/a through 2.4.8.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43263.md b/2024/CVE-2024-43263.md
new file mode 100644
index 0000000000..cb70bbfb4a
--- /dev/null
+++ b/2024/CVE-2024-43263.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43263](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43263)
+![](https://img.shields.io/static/v1?label=Product&message=Visual%20Composer%20Starter&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%203.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Visual Composer Visual Composer Starter allows Stored XSS.This issue affects Visual Composer Starter: from n/a through 3.3.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43266.md b/2024/CVE-2024-43266.md
new file mode 100644
index 0000000000..ea4ce8215e
--- /dev/null
+++ b/2024/CVE-2024-43266.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43266](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43266)
+![](https://img.shields.io/static/v1?label=Product&message=WP%20Job%20Portal&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.1.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+Authorization Bypass Through User-Controlled Key vulnerability in WP Job Portal.This issue affects WP Job Portal: from n/a through 2.1.6.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43267.md b/2024/CVE-2024-43267.md
new file mode 100644
index 0000000000..abc2fa47f4
--- /dev/null
+++ b/2024/CVE-2024-43267.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43267](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43267)
+![](https://img.shields.io/static/v1?label=Product&message=Mega%20Addons%20For%20Elementor&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%201.9%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through 1.9.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43271.md b/2024/CVE-2024-43271.md
new file mode 100644
index 0000000000..606efc4407
--- /dev/null
+++ b/2024/CVE-2024-43271.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43271)
+![](https://img.shields.io/static/v1?label=Product&message=Woo%20Products%20Widgets%20For%20Elementor&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%202.0.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themelocation Woo Products Widgets For Elementor allows PHP Local File Inclusion.This issue affects Woo Products Widgets For Elementor: from n/a through 2.0.0.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43272.md b/2024/CVE-2024-43272.md
new file mode 100644
index 0000000000..d6105f1124
--- /dev/null
+++ b/2024/CVE-2024-43272.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43272](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43272)
+![](https://img.shields.io/static/v1?label=Product&message=Icegram&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-306%20Missing%20Authentication%20for%20Critical%20Function&color=brighgreen)
+
+### Description
+
+Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43276.md b/2024/CVE-2024-43276.md
index edb9c6e89b..a2b3a6f275 100644
--- a/2024/CVE-2024-43276.md
+++ b/2024/CVE-2024-43276.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43278.md b/2024/CVE-2024-43278.md
new file mode 100644
index 0000000000..104ff79f98
--- /dev/null
+++ b/2024/CVE-2024-43278.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43278](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43278)
+![](https://img.shields.io/static/v1?label=Product&message=Meta%20Field%20Block&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Phi Phan Meta Field Block allows Stored XSS.This issue affects Meta Field Block: from n/a through 1.2.13.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43279.md b/2024/CVE-2024-43279.md
new file mode 100644
index 0000000000..3656fd61e5
--- /dev/null
+++ b/2024/CVE-2024-43279.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43279](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43279)
+![](https://img.shields.io/static/v1?label=Product&message=Newsletters&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.8.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43280.md b/2024/CVE-2024-43280.md
new file mode 100644
index 0000000000..82735ec6c8
--- /dev/null
+++ b/2024/CVE-2024-43280.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43280](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43280)
+![](https://img.shields.io/static/v1?label=Product&message=Salon%20booking%20system&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-601%20URL%20Redirection%20to%20Untrusted%20Site%20('Open%20Redirect')&color=brighgreen)
+
+### Description
+
+URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43281.md b/2024/CVE-2024-43281.md
new file mode 100644
index 0000000000..f8e935bcd4
--- /dev/null
+++ b/2024/CVE-2024-43281.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43281)
+![](https://img.shields.io/static/v1?label=Product&message=Void%20Elementor%20Post%20Grid%20Addon%20for%20Elementor%20Page%20builder&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in VOID CODERS Void Elementor Post Grid Addon for Elementor Page builder allows PHP Local File Inclusion.This issue affects Void Elementor Post Grid Addon for Elementor Page builder: from n/a through 2.3.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43282.md b/2024/CVE-2024-43282.md
new file mode 100644
index 0000000000..f8c64b5b9a
--- /dev/null
+++ b/2024/CVE-2024-43282.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43282](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43282)
+![](https://img.shields.io/static/v1?label=Product&message=Tutor%20LMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.2.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43284.md b/2024/CVE-2024-43284.md
new file mode 100644
index 0000000000..68e5f9d01c
--- /dev/null
+++ b/2024/CVE-2024-43284.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43284](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43284)
+![](https://img.shields.io/static/v1?label=Product&message=WP%20Travel%20Gutenberg%20Blocks&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks allows Stored XSS.This issue affects WP Travel Gutenberg Blocks: from n/a through 3.5.1.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43288.md b/2024/CVE-2024-43288.md
new file mode 100644
index 0000000000..8cf5c212a3
--- /dev/null
+++ b/2024/CVE-2024-43288.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43288](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43288)
+![](https://img.shields.io/static/v1?label=Product&message=wpForo%20Forum&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+Authorization Bypass Through User-Controlled Key vulnerability in gVectors Team wpForo Forum.This issue affects wpForo Forum: from n/a through 2.3.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43292.md b/2024/CVE-2024-43292.md
new file mode 100644
index 0000000000..9ab710d318
--- /dev/null
+++ b/2024/CVE-2024-43292.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43292](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43292)
+![](https://img.shields.io/static/v1?label=Product&message=Envo's%20Elementor%20Templates%20%26%20Widgets%20for%20WooCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooCommerce: from n/a through 1.4.16.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43303.md b/2024/CVE-2024-43303.md
new file mode 100644
index 0000000000..cb8b281b89
--- /dev/null
+++ b/2024/CVE-2024-43303.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43303](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43303)
+![](https://img.shields.io/static/v1?label=Product&message=White%20Label%20CMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in videousermanuals.Com White Label CMS allows Reflected XSS.This issue affects White Label CMS: from n/a through 2.7.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43306.md b/2024/CVE-2024-43306.md
index 7bdbf11061..0902a0f76b 100644
--- a/2024/CVE-2024-43306.md
+++ b/2024/CVE-2024-43306.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43307.md b/2024/CVE-2024-43307.md
index 970c41b9bc..8fe051c12e 100644
--- a/2024/CVE-2024-43307.md
+++ b/2024/CVE-2024-43307.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43308.md b/2024/CVE-2024-43308.md
index aeaaa4dbd6..fc95cc9630 100644
--- a/2024/CVE-2024-43308.md
+++ b/2024/CVE-2024-43308.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43309.md b/2024/CVE-2024-43309.md
index 279c4c752d..db8a1b3ba2 100644
--- a/2024/CVE-2024-43309.md
+++ b/2024/CVE-2024-43309.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43311.md b/2024/CVE-2024-43311.md
new file mode 100644
index 0000000000..f17a1f1790
--- /dev/null
+++ b/2024/CVE-2024-43311.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43311](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43311)
+![](https://img.shields.io/static/v1?label=Product&message=Login%20As%20Users&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%20Improper%20Privilege%20Management&color=brighgreen)
+
+### Description
+
+Improper Privilege Management vulnerability in Geek Code Lab Login As Users allows Privilege Escalation.This issue affects Login As Users: from n/a through 1.4.2.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43313.md b/2024/CVE-2024-43313.md
index e979e6c086..c97af6d591 100644
--- a/2024/CVE-2024-43313.md
+++ b/2024/CVE-2024-43313.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43318.md b/2024/CVE-2024-43318.md
index de42bc3b74..4d6163a1dc 100644
--- a/2024/CVE-2024-43318.md
+++ b/2024/CVE-2024-43318.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43321.md b/2024/CVE-2024-43321.md
index 977dc8be8f..ec4862ebaa 100644
--- a/2024/CVE-2024-43321.md
+++ b/2024/CVE-2024-43321.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43322.md b/2024/CVE-2024-43322.md
new file mode 100644
index 0000000000..59573d830c
--- /dev/null
+++ b/2024/CVE-2024-43322.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43322](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43322)
+![](https://img.shields.io/static/v1?label=Product&message=Zephyr%20Project%20Manager&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+Authorization Bypass Through User-Controlled Key vulnerability in Dylan James Zephyr Project Manager.This issue affects Zephyr Project Manager: from n/a through 3.3.100.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43327.md b/2024/CVE-2024-43327.md
index 01876a2bbc..f5048a132d 100644
--- a/2024/CVE-2024-43327.md
+++ b/2024/CVE-2024-43327.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43328.md b/2024/CVE-2024-43328.md
new file mode 100644
index 0000000000..8feb9f6050
--- /dev/null
+++ b/2024/CVE-2024-43328.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43328](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43328)
+![](https://img.shields.io/static/v1?label=Product&message=EmbedPress&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPDeveloper EmbedPress allows PHP Local File Inclusion.This issue affects EmbedPress: from n/a through 4.0.9.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43335.md b/2024/CVE-2024-43335.md
index 76e37ac723..24506dc25e 100644
--- a/2024/CVE-2024-43335.md
+++ b/2024/CVE-2024-43335.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43342.md b/2024/CVE-2024-43342.md
index 201172ebce..479a2110b3 100644
--- a/2024/CVE-2024-43342.md
+++ b/2024/CVE-2024-43342.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43344.md b/2024/CVE-2024-43344.md
index 7d93c7af3b..bed31f5d4e 100644
--- a/2024/CVE-2024-43344.md
+++ b/2024/CVE-2024-43344.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43345.md b/2024/CVE-2024-43345.md
new file mode 100644
index 0000000000..dfaa4453e0
--- /dev/null
+++ b/2024/CVE-2024-43345.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43345](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43345)
+![](https://img.shields.io/static/v1?label=Product&message=Landing%20Page%20Builder&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)
+
+### Description
+
+Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginOps Landing Page Builder allows PHP Local File Inclusion.This issue affects Landing Page Builder: from n/a through 1.5.2.0.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43346.md b/2024/CVE-2024-43346.md
index e956bf09ae..84d95dfb4c 100644
--- a/2024/CVE-2024-43346.md
+++ b/2024/CVE-2024-43346.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43348.md b/2024/CVE-2024-43348.md
index dc61797c9c..35d94393fb 100644
--- a/2024/CVE-2024-43348.md
+++ b/2024/CVE-2024-43348.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43350.md b/2024/CVE-2024-43350.md
new file mode 100644
index 0000000000..5867be5567
--- /dev/null
+++ b/2024/CVE-2024-43350.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43350](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43350)
+![](https://img.shields.io/static/v1?label=Product&message=Propovoice%20CRM&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%3C%3D%201.7.6.4%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)
+
+### Description
+
+Authorization Bypass Through User-Controlled Key vulnerability in Propovoice Propovoice CRM.This issue affects Propovoice CRM: from n/a through 1.7.6.4.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43352.md b/2024/CVE-2024-43352.md
index 6707d00022..a282c5c063 100644
--- a/2024/CVE-2024-43352.md
+++ b/2024/CVE-2024-43352.md
@@ -13,5 +13,6 @@ Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-43353.md b/2024/CVE-2024-43353.md
new file mode 100644
index 0000000000..3a17980239
--- /dev/null
+++ b/2024/CVE-2024-43353.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43353](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43353)
+![](https://img.shields.io/static/v1?label=Product&message=myCred&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.7.2.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43354.md b/2024/CVE-2024-43354.md
new file mode 100644
index 0000000000..bac4ee38a5
--- /dev/null
+++ b/2024/CVE-2024-43354.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43354](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43354)
+![](https://img.shields.io/static/v1?label=Product&message=myCred&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue affects myCred: from n/a through 2.7.2.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-43396.md b/2024/CVE-2024-43396.md
new file mode 100644
index 0000000000..6235b7af8a
--- /dev/null
+++ b/2024/CVE-2024-43396.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43396](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43396)
+![](https://img.shields.io/static/v1?label=Product&message=khoj&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%201.15.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Khoj is an application that creates personal AI agents. The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS. The q parameter for the /api/automation endpoint does not get correctly sanitized when rendered on the page, resulting in the ability of users to inject arbitrary HTML/JS. This vulnerability is fixed in 1.15.0.
+
+### POC
+
+#### Reference
+- https://github.com/khoj-ai/khoj/security/advisories/GHSA-cf72-vg59-4j4h
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-43398.md b/2024/CVE-2024-43398.md
index 41512d9b82..67373bd011 100644
--- a/2024/CVE-2024-43398.md
+++ b/2024/CVE-2024-43398.md
@@ -14,4 +14,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/lifeparticle/Ruby-Cheatsheet
 
diff --git a/2024/CVE-2024-43403.md b/2024/CVE-2024-43403.md
new file mode 100644
index 0000000000..acd362b5fa
--- /dev/null
+++ b/2024/CVE-2024-43403.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43403](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43403)
+![](https://img.shields.io/static/v1?label=Product&message=kanister&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.110.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brighgreen)
+
+### Description
+
+Kanister is a data protection workflow management tool. The kanister has a deployment called default-kanister-operator, which is bound with a ClusterRole called edit via ClusterRoleBinding. The "edit" ClusterRole is one of Kubernetes default-created ClusterRole, and it has the create/patch/udpate verbs of daemonset resources, create verb of serviceaccount/token resources, and impersonate verb of serviceaccounts resources. A malicious user can leverage access the worker node which has this component to make a cluster-level privilege escalation.
+
+### POC
+
+#### Reference
+- https://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-43782.md b/2024/CVE-2024-43782.md
new file mode 100644
index 0000000000..6312348a7d
--- /dev/null
+++ b/2024/CVE-2024-43782.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43782](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43782)
+![](https://img.shields.io/static/v1?label=Product&message=openedx-translations&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%20b2444340e8702c7955310331c1db5fd85b25b92b%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%3A%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen)
+
+### Description
+
+This openedx-translations repository contains translation files from Open edX repositories to be kept in sync with Transifex. Before moving to pulling translations from the openedx-translations repository via openedx-atlas, translations in the edx-platform repository were validated using edx-i18n-tools. This validation included protection against malformed translations and translations-based script injections. Prior to this patch, the validation implemented in the openedx-translations repository did not include the same protections. The maintainer inspected the translations in the edx-platform directory of both the main and open-release/redwood.master branches of the openedx-translations repository and found no evidence of exploited translation strings.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43791.md b/2024/CVE-2024-43791.md
new file mode 100644
index 0000000000..2467281b17
--- /dev/null
+++ b/2024/CVE-2024-43791.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43791](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43791)
+![](https://img.shields.io/static/v1?label=Product&message=request_store&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3D%201.3.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-276%3A%20Incorrect%20Default%20Permissions&color=brighgreen)
+
+### Description
+
+RequestStore provides per-request global storage for Rack. The files published as part of request_store 1.3.2 have 0666 permissions, meaning that they are world-writable, which allows local users to execute arbitrary code. This version was published in 2017, and most production environments do not allow access for local users, so the chances of this being exploited are very low, given that the vast majority of users will have upgraded, and those that have not, if any, are not likely to be exposed.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-43883.md b/2024/CVE-2024-43883.md
new file mode 100644
index 0000000000..2a7031f687
--- /dev/null
+++ b/2024/CVE-2024-43883.md
@@ -0,0 +1,17 @@
+### [CVE-2024-43883](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43883)
+![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=1da177e4c3f4%3C%205a3c473b28ae%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In the Linux kernel, the following vulnerability has been resolved:usb: vhci-hcd: Do not drop references before new references are gainedAt a few places the driver carries stale pointersto references that can still be used. Make sure that does not happen.This strictly speaking closes ZDI-CAN-22273, though there may besimilar races in the driver.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-45187.md b/2024/CVE-2024-45187.md
new file mode 100644
index 0000000000..e2168c1a21
--- /dev/null
+++ b/2024/CVE-2024-45187.md
@@ -0,0 +1,17 @@
+### [CVE-2024-45187](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45187)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server
+
+### POC
+
+#### Reference
+- https://research.jfrog.com/vulnerabilities/mage-ai-deleted-users-rce-jfsa-2024-001039602/
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-45188.md b/2024/CVE-2024-45188.md
new file mode 100644
index 0000000000..2e4e5424e6
--- /dev/null
+++ b/2024/CVE-2024-45188.md
@@ -0,0 +1,17 @@
+### [CVE-2024-45188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45188)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "File Content" request
+
+### POC
+
+#### Reference
+- https://research.jfrog.com/vulnerabilities/mage-ai-file-content-request-remote-arbitrary-file-leak-jfsa-2024-001039603/
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-45189.md b/2024/CVE-2024-45189.md
new file mode 100644
index 0000000000..3a5385841c
--- /dev/null
+++ b/2024/CVE-2024-45189.md
@@ -0,0 +1,17 @@
+### [CVE-2024-45189](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45189)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request
+
+### POC
+
+#### Reference
+- https://research.jfrog.com/vulnerabilities/mage-ai-git-content-request-remote-arbitrary-file-leak-jfsa-2024-001039604/
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-45190.md b/2024/CVE-2024-45190.md
new file mode 100644
index 0000000000..e667a65847
--- /dev/null
+++ b/2024/CVE-2024-45190.md
@@ -0,0 +1,17 @@
+### [CVE-2024-45190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45190)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Pipeline Interaction" request
+
+### POC
+
+#### Reference
+- https://research.jfrog.com/vulnerabilities/mage-ai-pipeline-interaction-request-remote-arbitrary-file-leak-jfsa-2024-001039605/
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-5466.md b/2024/CVE-2024-5466.md
new file mode 100644
index 0000000000..947ab4a5dd
--- /dev/null
+++ b/2024/CVE-2024-5466.md
@@ -0,0 +1,17 @@
+### [CVE-2024-5466](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5466)
+![](https://img.shields.io/static/v1?label=Product&message=OpManager%2C%20Remote%20Monitoring%20and%20Management&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%20128329%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5467.md b/2024/CVE-2024-5467.md
new file mode 100644
index 0000000000..f3665ba67a
--- /dev/null
+++ b/2024/CVE-2024-5467.md
@@ -0,0 +1,17 @@
+### [CVE-2024-5467](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5467)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208121%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in account lockout report.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5490.md b/2024/CVE-2024-5490.md
new file mode 100644
index 0000000000..4fbbce7b58
--- /dev/null
+++ b/2024/CVE-2024-5490.md
@@ -0,0 +1,17 @@
+### [CVE-2024-5490](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5490)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in aggregate reports option.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5502.md b/2024/CVE-2024-5502.md
index 888081f0f6..7f7361dd51 100644
--- a/2024/CVE-2024-5502.md
+++ b/2024/CVE-2024-5502.md
@@ -13,5 +13,6 @@ The Piotnet Addons For Elementor plugin for WordPress is vulnerable to Stored Cr
 No PoCs from references.
 
 #### Github
+- https://github.com/20142995/nuclei-templates
 - https://github.com/fkie-cad/nvd-json-data-feeds
 
diff --git a/2024/CVE-2024-5556.md b/2024/CVE-2024-5556.md
new file mode 100644
index 0000000000..3aff1d2bec
--- /dev/null
+++ b/2024/CVE-2024-5556.md
@@ -0,0 +1,17 @@
+### [CVE-2024-5556](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5556)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8000 are vulnerable to the authenticated SQL injection in reports module.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-5586.md b/2024/CVE-2024-5586.md
new file mode 100644
index 0000000000..2e8c4adf2d
--- /dev/null
+++ b/2024/CVE-2024-5586.md
@@ -0,0 +1,17 @@
+### [CVE-2024-5586](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5586)
+![](https://img.shields.io/static/v1?label=Product&message=ADAudit%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%208000%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to the authenticated SQL injection in extranet lockouts report option.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-6008.md b/2024/CVE-2024-6008.md
new file mode 100644
index 0000000000..18f41b516f
--- /dev/null
+++ b/2024/CVE-2024-6008.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6008](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6008)
+![](https://img.shields.io/static/v1?label=Product&message=Online%20Book%20Store&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, was found in itsourcecode Online Book Store up to 1.0. Affected is an unknown function of the file /edit_book.php. The manipulation of the argument image leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-268698 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/1902zdq/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6014.md b/2024/CVE-2024-6014.md
new file mode 100644
index 0000000000..8ae19a69a0
--- /dev/null
+++ b/2024/CVE-2024-6014.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6014](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6014)
+![](https://img.shields.io/static/v1?label=Product&message=Document%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability classified as critical has been found in itsourcecode Document Management System 1.0. Affected is an unknown function of the file edithis.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-268722 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/gabriel202212/cve/issues/2
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6062.md b/2024/CVE-2024-6062.md
new file mode 100644
index 0000000000..0748322a2d
--- /dev/null
+++ b/2024/CVE-2024-6062.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6062](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6062)
+![](https://img.shields.io/static/v1?label=Product&message=GPAC&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.5-DEV-rev228-g11067ea92-master%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brighgreen)
+
+### Description
+
+A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master and classified as problematic. Affected by this issue is the function swf_svg_add_iso_sample of the file src/filters/load_text.c of the component MP4Box. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The patch is identified as 31e499d310a48bd17c8b055a0bfe0fe35887a7cd. It is recommended to apply a patch to fix this issue. VDB-268790 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/gpac/gpac/issues/2872
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6063.md b/2024/CVE-2024-6063.md
new file mode 100644
index 0000000000..ee29bd8309
--- /dev/null
+++ b/2024/CVE-2024-6063.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6063](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6063)
+![](https://img.shields.io/static/v1?label=Product&message=GPAC&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.5-DEV-rev228-g11067ea92-master%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brighgreen)
+
+### Description
+
+A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been classified as problematic. This affects the function m2tsdmx_on_event of the file src/filters/dmx_m2ts.c of the component MP4Box. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named 8767ed0a77c4b02287db3723e92c2169f67c85d5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-268791.
+
+### POC
+
+#### Reference
+- https://github.com/gpac/gpac/issues/2873
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6065.md b/2024/CVE-2024-6065.md
new file mode 100644
index 0000000000..600f1773ec
--- /dev/null
+++ b/2024/CVE-2024-6065.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6065](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6065)
+![](https://img.shields.io/static/v1?label=Product&message=Bakery%20Online%20Ordering%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument user_email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268793 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/ppp-src/CVE/issues/4
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6109.md b/2024/CVE-2024-6109.md
new file mode 100644
index 0000000000..3bee6df16e
--- /dev/null
+++ b/2024/CVE-2024-6109.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6109)
+![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file addmeasurement.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268855.
+
+### POC
+
+#### Reference
+- https://github.com/PHJ-doit/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6110.md b/2024/CVE-2024-6110.md
new file mode 100644
index 0000000000..fe3eb752f6
--- /dev/null
+++ b/2024/CVE-2024-6110.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6110](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6110)
+![](https://img.shields.io/static/v1?label=Product&message=Magbanua%20Beach%20Resort%20Online%20Reservation%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268856.
+
+### POC
+
+#### Reference
+- https://github.com/Laster-dev/CVE/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6112.md b/2024/CVE-2024-6112.md
new file mode 100644
index 0000000000..b42ffb220f
--- /dev/null
+++ b/2024/CVE-2024-6112.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6112](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6112)
+![](https://img.shields.io/static/v1?label=Product&message=Pool%20of%20Bethesda%20Online%20Reservation%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-268858 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/wangyuan-ui/CVE/issues/2
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6115.md b/2024/CVE-2024-6115.md
new file mode 100644
index 0000000000..3a8c10e21b
--- /dev/null
+++ b/2024/CVE-2024-6115.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6115](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6115)
+![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Hotel%20Reservation%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file add_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-268867.
+
+### POC
+
+#### Reference
+- https://github.com/wangyuan-ui/CVE/issues/5
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6116.md b/2024/CVE-2024-6116.md
new file mode 100644
index 0000000000..ed4b2ef979
--- /dev/null
+++ b/2024/CVE-2024-6116.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6116](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6116)
+![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Hotel%20Reservation%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file edit_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268868.
+
+### POC
+
+#### Reference
+- https://github.com/wangyuan-ui/CVE/issues/6
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6127.md b/2024/CVE-2024-6127.md
index 3fa3b0b400..23a6f70c1c 100644
--- a/2024/CVE-2024-6127.md
+++ b/2024/CVE-2024-6127.md
@@ -10,6 +10,7 @@ BC Security Empire before 5.9.3 is vulnerable to a path traversal issue that can
 ### POC
 
 #### Reference
+- https://github.com/ACE-Responder/Empire-C2-RCE-PoC
 - https://vulncheck.com/advisories/empire-unauth-rce
 
 #### Github
diff --git a/2024/CVE-2024-6185.md b/2024/CVE-2024-6185.md
index 565eaccbdf..534ca146b2 100644
--- a/2024/CVE-2024-6185.md
+++ b/2024/CVE-2024-6185.md
@@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, has been found in Ruijie RG-U
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_b.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2024/CVE-2024-6195.md b/2024/CVE-2024-6195.md
index fb6403c075..7b50d75082 100644
--- a/2024/CVE-2024-6195.md
+++ b/2024/CVE-2024-6195.md
@@ -10,7 +10,7 @@ A vulnerability has been found in itsourcecode Tailoring Management System 1.0 a
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/2768210355/cve/issues/2
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2024/CVE-2024-6253.md b/2024/CVE-2024-6253.md
new file mode 100644
index 0000000000..7d28f01244
--- /dev/null
+++ b/2024/CVE-2024-6253.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6253)
+![](https://img.shields.io/static/v1?label=Product&message=Online%20Food%20Ordering%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Online Food Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /purchase.php. The manipulation of the argument customer leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269420.
+
+### POC
+
+#### Reference
+- https://github.com/Desenchanted/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6267.md b/2024/CVE-2024-6267.md
index dbb63ff916..df6d69419a 100644
--- a/2024/CVE-2024-6267.md
+++ b/2024/CVE-2024-6267.md
@@ -11,6 +11,7 @@ A vulnerability classified as problematic was found in SourceCodester Service Pr
 
 #### Reference
 - https://docs.google.com/document/d/1upC4101Ob9UW7fGC_valsEa45Q5xuBgcKZhs1Q-WoBM/edit?usp=sharing
+- https://github.com/sgr-xd/CVEs/blob/main/CVE-2024-6267.md
 
 #### Github
 No PoCs found on GitHub currently.
diff --git a/2024/CVE-2024-6371.md b/2024/CVE-2024-6371.md
new file mode 100644
index 0000000000..90deb0a63a
--- /dev/null
+++ b/2024/CVE-2024-6371.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6371](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6371)
+![](https://img.shields.io/static/v1?label=Product&message=Pool%20of%20Bethesda%20Online%20Reservation%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument rmtype_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269804.
+
+### POC
+
+#### Reference
+- https://github.com/L1OudFd8cl09/CVE/blob/main/25_06_2024_b.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6372.md b/2024/CVE-2024-6372.md
new file mode 100644
index 0000000000..15ce7da94d
--- /dev/null
+++ b/2024/CVE-2024-6372.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6372](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6372)
+![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System 1.0. This affects an unknown part of the file customeradd.php. The manipulation of the argument fullname/address/phonenumber/sex/email/city/comment leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269805 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/Galaxy-lrc/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6387.md b/2024/CVE-2024-6387.md
index afee85668f..ba5bb798f0 100644
--- a/2024/CVE-2024-6387.md
+++ b/2024/CVE-2024-6387.md
@@ -27,6 +27,7 @@ A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
 - http://www.openwall.com/lists/oss-security/2024/07/03/5
 - http://www.openwall.com/lists/oss-security/2024/07/28/2
 - https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
+- https://github.com/zgzhang/cve-2024-6387-poc
 - https://news.ycombinator.com/item?id=40843778
 - https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
 - https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html
diff --git a/2024/CVE-2024-6439.md b/2024/CVE-2024-6439.md
new file mode 100644
index 0000000000..2764fdba22
--- /dev/null
+++ b/2024/CVE-2024-6439.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6439](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6439)
+![](https://img.shields.io/static/v1?label=Product&message=Home%20Owners%20Collection%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270167.
+
+### POC
+
+#### Reference
+- https://github.com/GAO-UNO/cve/blob/main/upload.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6649.md b/2024/CVE-2024-6649.md
new file mode 100644
index 0000000000..39b358410d
--- /dev/null
+++ b/2024/CVE-2024-6649.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6649](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6649)
+![](https://img.shields.io/static/v1?label=Product&message=Employee%20and%20Visitor%20Gate%20Pass%20Logging%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery&color=brighgreen)
+
+### Description
+
+A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is the function save_users of the file Users.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271057 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/Xu-Mingming/cve/blob/main/csrf1.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6650.md b/2024/CVE-2024-6650.md
new file mode 100644
index 0000000000..5bbf647860
--- /dev/null
+++ b/2024/CVE-2024-6650.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6650](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6650)
+![](https://img.shields.io/static/v1?label=Product&message=Employee%20and%20Visitor%20Gate%20Pass%20Logging%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+A vulnerability was found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this issue is the function save_designation of the file /classes/Master.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-271058 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/Xu-Mingming/cve/blob/main/xss1.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6653.md b/2024/CVE-2024-6653.md
new file mode 100644
index 0000000000..19862135e3
--- /dev/null
+++ b/2024/CVE-2024-6653.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6653](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6653)
+![](https://img.shields.io/static/v1?label=Product&message=Simple%20Task%20List&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in code-projects Simple Task List 1.0. It has been declared as critical. This vulnerability affects unknown code of the file loginForm.php of the component Login. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271060.
+
+### POC
+
+#### Reference
+- https://github.com/hantianj/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6728.md b/2024/CVE-2024-6728.md
new file mode 100644
index 0000000000..b3da67b053
--- /dev/null
+++ b/2024/CVE-2024-6728.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6728](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6728)
+![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file typeedit.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271401 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/jeery0/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6733.md b/2024/CVE-2024-6733.md
new file mode 100644
index 0000000000..f617cad6a4
--- /dev/null
+++ b/2024/CVE-2024-6733.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6733)
+![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file templateedit.php. The manipulation of the argument id/title/msg leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-271454 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/jiaoyanshuai/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6734.md b/2024/CVE-2024-6734.md
new file mode 100644
index 0000000000..16f9e52d99
--- /dev/null
+++ b/2024/CVE-2024-6734.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6734](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6734)
+![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been classified as critical. This affects an unknown part of the file templateadd.php. The manipulation of the argument title/msg leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-271455.
+
+### POC
+
+#### Reference
+- https://github.com/jiaoyanshuai/cve/issues/2
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6735.md b/2024/CVE-2024-6735.md
new file mode 100644
index 0000000000..3ae691af0f
--- /dev/null
+++ b/2024/CVE-2024-6735.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6735](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6735)
+![](https://img.shields.io/static/v1?label=Product&message=Tailoring%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file setgeneral.php. The manipulation of the argument sitename/email/mobile/sms/currency leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271456.
+
+### POC
+
+#### Reference
+- https://github.com/xzyxiaohaha/cve/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6746.md b/2024/CVE-2024-6746.md
new file mode 100644
index 0000000000..15dce68d4d
--- /dev/null
+++ b/2024/CVE-2024-6746.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6746](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6746)
+![](https://img.shields.io/static/v1?label=Product&message=EasySpider&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%200.6.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-24%20Path%20Traversal%3A%20'..%2Ffiledir'&color=brighgreen)
+
+### Description
+
+A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The identifier VDB-271477 was assigned to this vulnerability. NOTE: The code maintainer explains, that this is not a big issue "because the default is that the software runs locally without going through the Internet".
+
+### POC
+
+#### Reference
+- https://github.com/NaiboWang/EasySpider/issues/466
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6801.md b/2024/CVE-2024-6801.md
new file mode 100644
index 0000000000..caacf4ce45
--- /dev/null
+++ b/2024/CVE-2024-6801.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6801](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6801)
+![](https://img.shields.io/static/v1?label=Product&message=Online%20Student%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, has been found in SourceCodester Online Student Management System 1.0. This issue affects some unknown processing of the file /add-students.php. The manipulation of the argument image leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-271703.
+
+### POC
+
+#### Reference
+- https://github.com/aaajuna/demo/issues/1
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6803.md b/2024/CVE-2024-6803.md
new file mode 100644
index 0000000000..7f298b44c3
--- /dev/null
+++ b/2024/CVE-2024-6803.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6803](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6803)
+![](https://img.shields.io/static/v1?label=Product&message=Document%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability has been found in itsourcecode Document Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file insert.php. The manipulation of the argument anothercont leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271705 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/hzy11111111/cve/issues/3
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6848.md b/2024/CVE-2024-6848.md
new file mode 100644
index 0000000000..7b24b4f149
--- /dev/null
+++ b/2024/CVE-2024-6848.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6848)
+![](https://img.shields.io/static/v1?label=Product&message=Post%20and%20Page%20Builder%20by%20BoldGrid%20%E2%80%93%20Visual%20Drag%20and%20Drop%20Editor&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.26.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 1.26.6 due to insufficient input sanitization and output escaping affecting the boldgrid_canvas_image AJAX endpoint. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.
+
+### POC
+
+#### Reference
+- https://github.com/BoldGrid/post-and-page-builder/issues/612
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6923.md b/2024/CVE-2024-6923.md
index 5b65ea88f2..2af6ef6f24 100644
--- a/2024/CVE-2024-6923.md
+++ b/2024/CVE-2024-6923.md
@@ -10,7 +10,7 @@ There is a MEDIUM severity vulnerability affecting CPython.The email module didn
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/python/cpython/pull/122233
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2024/CVE-2024-6937.md b/2024/CVE-2024-6937.md
new file mode 100644
index 0000000000..fa9207d744
--- /dev/null
+++ b/2024/CVE-2024-6937.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6937](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6937)
+![](https://img.shields.io/static/v1?label=Product&message=Form%20Tools&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%203.1.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%20File%20Inclusion&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of the file /admin/forms/option_lists/edit.php of the component Import Option List. The manipulation of the argument url leads to file inclusion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-271992. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/DeepMountains/Mirage/blob/main/CVE2-3.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6958.md b/2024/CVE-2024-6958.md
new file mode 100644
index 0000000000..69897a4ad8
--- /dev/null
+++ b/2024/CVE-2024-6958.md
@@ -0,0 +1,17 @@
+### [CVE-2024-6958](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6958)
+![](https://img.shields.io/static/v1?label=Product&message=University%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability classified as critical was found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /st_update.php of the component Avatar File Handler. The manipulation of the argument personal_image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272080.
+
+### POC
+
+#### Reference
+- https://github.com/DeepMountains/Mirage/blob/main/CVE6-4.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-6962.md b/2024/CVE-2024-6962.md
index 49802d345f..4e86bfc54f 100644
--- a/2024/CVE-2024-6962.md
+++ b/2024/CVE-2024-6962.md
@@ -10,7 +10,7 @@ A vulnerability classified as critical was found in Tenda O3 1.0.0.10. This vuln
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/formQosSet.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2024/CVE-2024-6964.md b/2024/CVE-2024-6964.md
index 3befcd7a72..9e55479709 100644
--- a/2024/CVE-2024-6964.md
+++ b/2024/CVE-2024-6964.md
@@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, was found in Tenda O3 1.0.0.1
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/fromDhcpSetSer.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2024/CVE-2024-6965.md b/2024/CVE-2024-6965.md
index ef246c598d..95f728fd83 100644
--- a/2024/CVE-2024-6965.md
+++ b/2024/CVE-2024-6965.md
@@ -10,7 +10,7 @@ A vulnerability has been found in Tenda O3 1.0.0.10 and classified as critical.
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/fromVirtualSet.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
diff --git a/2024/CVE-2024-7258.md b/2024/CVE-2024-7258.md
new file mode 100644
index 0000000000..ccf5ad1dbb
--- /dev/null
+++ b/2024/CVE-2024-7258.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7258](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7258)
+![](https://img.shields.io/static/v1?label=Product&message=WooCommerce%20Google%20Feed%20Manager&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.8.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+
+### Description
+
+The WooCommerce Google Feed Manager plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wppfm_removeFeedFile' function in all versions up to, and including, 2.8.0. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-7351.md b/2024/CVE-2024-7351.md
new file mode 100644
index 0000000000..d02679e4d6
--- /dev/null
+++ b/2024/CVE-2024-7351.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7351](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7351)
+![](https://img.shields.io/static/v1?label=Product&message=Simple%20Job%20Board&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.12.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+The Simple Job Board plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.12.3 via deserialization of untrusted input when editing job applications. This makes it possible for authenticated attackers, with Editor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-7559.md b/2024/CVE-2024-7559.md
new file mode 100644
index 0000000000..718d906ed2
--- /dev/null
+++ b/2024/CVE-2024-7559.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7559](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7559)
+![](https://img.shields.io/static/v1?label=Product&message=File%20Manager%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%208.3.7%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen)
+
+### Description
+
+The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and capability checks in the mk_file_folder_manager AJAX action in all versions up to, and including, 8.3.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+
diff --git a/2024/CVE-2024-7954.md b/2024/CVE-2024-7954.md
new file mode 100644
index 0000000000..0884c7622d
--- /dev/null
+++ b/2024/CVE-2024-7954.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7954](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7954)
+![](https://img.shields.io/static/v1?label=Product&message=SPIP&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=4.3.0-alpha%3C%204.3.0-alpha2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen)
+
+### Description
+
+The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.
+
+### POC
+
+#### Reference
+- https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather/
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-7986.md b/2024/CVE-2024-7986.md
new file mode 100644
index 0000000000..213f8ed9e6
--- /dev/null
+++ b/2024/CVE-2024-7986.md
@@ -0,0 +1,17 @@
+### [CVE-2024-7986](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7986)
+![](https://img.shields.io/static/v1?label=Product&message=ThinManager%C2%AE%20ThinServer%E2%84%A2&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.1.0-11.1.7%2011.2.0-11.2.8%2012.0.0-12.0.6%2012.1.0-12.1.7%2013.0.0-13.0.4%2013.1.0-13.1.2%2013.2.0-13.2.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-732%20Incorrect%20Permission%20Assignment%20for%20Critical%20Resource&color=brighgreen)
+
+### Description
+
+A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer™ service to read arbitrary files by creating a junction that points to the target directory.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-8112.md b/2024/CVE-2024-8112.md
new file mode 100644
index 0000000000..6471d279c7
--- /dev/null
+++ b/2024/CVE-2024-8112.md
@@ -0,0 +1,17 @@
+### [CVE-2024-8112](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8112)
+![](https://img.shields.io/static/v1?label=Product&message=JeeSite&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%205.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+A vulnerability was found in thinkgem JeeSite 5.3. It has been rated as problematic. This issue affects some unknown processing of the file /js/a/login of the component Cookie Handler. The manipulation of the argument skinName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/2024/CVE-2024-8113.md b/2024/CVE-2024-8113.md
new file mode 100644
index 0000000000..1328df6951
--- /dev/null
+++ b/2024/CVE-2024-8113.md
@@ -0,0 +1,17 @@
+### [CVE-2024-8113](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8113)
+![](https://img.shields.io/static/v1?label=Product&message=pretix&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-mail previews on settings page. The default Content Security Policy of pretix prevents execution of attacker-provided scripts, making exploitation unlikely. However, combined with a CSP bypass (which is not currently known) the vulnerability could be used to impersonate other organizers or staff users.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
diff --git a/github.txt b/github.txt
index ad0fad77d3..e1f678c9cd 100644
--- a/github.txt
+++ b/github.txt
@@ -13671,6 +13671,7 @@ CVE-2014-4210 - https://github.com/openx-org/BLEN
 CVE-2014-4210 - https://github.com/password520/RedTeamer
 CVE-2014-4210 - https://github.com/pwnagelabs/VEF
 CVE-2014-4210 - https://github.com/qi4L/WeblogicScan.go
+CVE-2014-4210 - https://github.com/qiuluo-oss/Tiger
 CVE-2014-4210 - https://github.com/rabbitmask/WeblogicScan
 CVE-2014-4210 - https://github.com/rabbitmask/WeblogicScanLot
 CVE-2014-4210 - https://github.com/rabbitmask/WeblogicScanServer
@@ -24156,6 +24157,7 @@ CVE-2016-3088 - https://github.com/openx-org/BLEN
 CVE-2016-3088 - https://github.com/pravinsrc/NOTES-windows-kernel-links
 CVE-2016-3088 - https://github.com/pudiding/CVE-2016-3088
 CVE-2016-3088 - https://github.com/qazbnm456/awesome-cve-poc
+CVE-2016-3088 - https://github.com/qiuluo-oss/Tiger
 CVE-2016-3088 - https://github.com/retr0-13/Goby
 CVE-2016-3088 - https://github.com/sponkmonk/Ladon_english_update
 CVE-2016-3088 - https://github.com/t0m4too/t0m4to
@@ -33957,6 +33959,7 @@ CVE-2017-12615 - https://github.com/pentration/gongkaishouji
 CVE-2017-12615 - https://github.com/q99266/saury-vulnhub
 CVE-2017-12615 - https://github.com/qazbnm456/awesome-cve-poc
 CVE-2017-12615 - https://github.com/qiantu88/Tomcat-Exploit
+CVE-2017-12615 - https://github.com/qiuluo-oss/Tiger
 CVE-2017-12615 - https://github.com/qiwentaidi/Slack
 CVE-2017-12615 - https://github.com/r0eXpeR/redteam_vul
 CVE-2017-12615 - https://github.com/safe6Sec/PentestNote
@@ -34955,6 +34958,7 @@ CVE-2017-14849 - https://github.com/merlinepedra/nuclei-templates
 CVE-2017-14849 - https://github.com/merlinepedra25/nuclei-templates
 CVE-2017-14849 - https://github.com/openx-org/BLEN
 CVE-2017-14849 - https://github.com/q99266/saury-vulnhub
+CVE-2017-14849 - https://github.com/qiuluo-oss/Tiger
 CVE-2017-14849 - https://github.com/ronoski/j2ee-rscan
 CVE-2017-14849 - https://github.com/snyk-labs/container-breaking-in-goof
 CVE-2017-14849 - https://github.com/sobinge/nuclei-templates
@@ -35959,6 +35963,7 @@ CVE-2017-16894 - https://github.com/SexyBeast233/SecBooks
 CVE-2017-16894 - https://github.com/Threekiii/Awesome-POC
 CVE-2017-16894 - https://github.com/Z0fhack/Goby_POC
 CVE-2017-16894 - https://github.com/d4n-sec/d4n-sec.github.io
+CVE-2017-16894 - https://github.com/qiuluo-oss/Tiger
 CVE-2017-16894 - https://github.com/v4p0r/rooon-fiuuu
 CVE-2017-16900 - https://github.com/summtime/CVE
 CVE-2017-16905 - https://github.com/0xsaju/Awesome-Bugbounty-Writeups
@@ -36781,6 +36786,7 @@ CVE-2017-18349 - https://github.com/hinat0y/Dataset9
 CVE-2017-18349 - https://github.com/luckyfuture0177/VULOnceMore
 CVE-2017-18349 - https://github.com/openx-org/BLEN
 CVE-2017-18349 - https://github.com/pan2013e/ppt4j
+CVE-2017-18349 - https://github.com/qiuluo-oss/Tiger
 CVE-2017-18350 - https://github.com/ARPSyndicate/cvemon
 CVE-2017-18350 - https://github.com/uvhw/conchimgiangnang
 CVE-2017-18352 - https://github.com/ossf-cve-benchmark/CVE-2017-18352
@@ -46910,6 +46916,7 @@ CVE-2018-1273 - https://github.com/nBp1Ng/FrameworkAndComponentVulnerabilities
 CVE-2018-1273 - https://github.com/nBp1Ng/SpringFramework-Vul
 CVE-2018-1273 - https://github.com/onewinner/VulToolsKit
 CVE-2018-1273 - https://github.com/qazbnm456/awesome-cve-poc
+CVE-2018-1273 - https://github.com/qiuluo-oss/Tiger
 CVE-2018-1273 - https://github.com/ronoski/j2ee-rscan
 CVE-2018-1273 - https://github.com/seal-community/patches
 CVE-2018-1273 - https://github.com/snowlovely/HacLang
@@ -50346,6 +50353,7 @@ CVE-2018-18778 - https://github.com/gobysec/GobyExtension
 CVE-2018-18778 - https://github.com/openx-org/BLEN
 CVE-2018-18778 - https://github.com/petitfleur/prov_navigator
 CVE-2018-18778 - https://github.com/provnavigator/prov_navigator
+CVE-2018-18778 - https://github.com/qiuluo-oss/Tiger
 CVE-2018-18784 - https://github.com/superlink996/chunqiuyunjingbachang
 CVE-2018-18785 - https://github.com/superlink996/chunqiuyunjingbachang
 CVE-2018-18786 - https://github.com/superlink996/chunqiuyunjingbachang
@@ -57960,6 +57968,7 @@ CVE-2019-0232 - https://github.com/lp008/Hack-readme
 CVE-2019-0232 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2019-0232 - https://github.com/pyn3rd/CVE-2019-0232
 CVE-2019-0232 - https://github.com/qazbnm456/awesome-cve-poc
+CVE-2019-0232 - https://github.com/qiuluo-oss/Tiger
 CVE-2019-0232 - https://github.com/r0eXpeR/redteam_vul
 CVE-2019-0232 - https://github.com/rootameen/vulpine
 CVE-2019-0232 - https://github.com/safe6Sec/PentestNote
@@ -64214,6 +64223,7 @@ CVE-2019-11358 - https://github.com/pchusdb/FtcRobotController-20211223-120805-r
 CVE-2019-11358 - https://github.com/pcrobotics2/2023-15425-CenterStage
 CVE-2019-11358 - https://github.com/pcrobotics2/2023-19545-CenterStage
 CVE-2019-11358 - https://github.com/pcrobotics2/2023-22130-CenterStage
+CVE-2019-11358 - https://github.com/perfectparadox8400/8400_2024
 CVE-2019-11358 - https://github.com/petergriffinnn/code
 CVE-2019-11358 - https://github.com/petthepotat-dump/FTC-22-23-Refactored
 CVE-2019-11358 - https://github.com/pgdev1729/FTC-Robot-Controller-Centerstage
@@ -79015,6 +79025,7 @@ CVE-2020-10199 - https://github.com/wsfengfan/CVE-2020-10199-10204
 CVE-2020-10199 - https://github.com/xuetusummer/Penetration_Testing_POC
 CVE-2020-10199 - https://github.com/yedada-wei/-
 CVE-2020-10199 - https://github.com/yedada-wei/gongkaishouji
+CVE-2020-10199 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-10199 - https://github.com/zhzyker/CVE-2020-10199_POC-EXP
 CVE-2020-10199 - https://github.com/zhzyker/exphub
 CVE-2020-10199 - https://github.com/zoroqi/my-awesome
@@ -79091,6 +79102,7 @@ CVE-2020-10204 - https://github.com/wsfengfan/CVE-2020-10199-10204
 CVE-2020-10204 - https://github.com/xuetusummer/Penetration_Testing_POC
 CVE-2020-10204 - https://github.com/yedada-wei/-
 CVE-2020-10204 - https://github.com/yedada-wei/gongkaishouji
+CVE-2020-10204 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-10204 - https://github.com/zhzyker/CVE-2020-10204
 CVE-2020-10204 - https://github.com/zhzyker/exphub
 CVE-2020-10204 - https://github.com/zoroqi/my-awesome
@@ -80580,6 +80592,7 @@ CVE-2020-11444 - https://github.com/qingyuanfeiniao/Chinese-Top-Charts
 CVE-2020-11444 - https://github.com/soosmile/POC
 CVE-2020-11444 - https://github.com/weeka10/-hktalent-TOP
 CVE-2020-11444 - https://github.com/whoadmin/pocs
+CVE-2020-11444 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-11444 - https://github.com/zhzyker/CVE-2020-11444
 CVE-2020-11444 - https://github.com/zhzyker/exphub
 CVE-2020-11444 - https://github.com/zoroqi/my-awesome
@@ -82857,6 +82870,7 @@ CVE-2020-13945 - https://github.com/Z0fhack/Goby_POC
 CVE-2020-13945 - https://github.com/bakery312/Vulhub-Reproduce
 CVE-2020-13945 - https://github.com/bigblackhat/oFx
 CVE-2020-13945 - https://github.com/openx-org/BLEN
+CVE-2020-13945 - https://github.com/qiuluo-oss/Tiger
 CVE-2020-13945 - https://github.com/samurai411/toolbox
 CVE-2020-13945 - https://github.com/t0m4too/t0m4to
 CVE-2020-13945 - https://github.com/tanjiti/sec_profile
@@ -84412,6 +84426,7 @@ CVE-2020-14882 - https://github.com/yhy0/ExpDemo-JavaFX
 CVE-2020-14882 - https://github.com/yichensec/Bug_writer
 CVE-2020-14882 - https://github.com/yyzsec/2021SecWinterTask
 CVE-2020-14882 - https://github.com/zer0yu/Awesome-CobaltStrike
+CVE-2020-14882 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-14882 - https://github.com/zhzyker/exphub
 CVE-2020-14882 - https://github.com/zhzyker/vulmap
 CVE-2020-14882 - https://github.com/zoroqi/my-awesome
@@ -86861,6 +86876,7 @@ CVE-2020-1938 - https://github.com/yedada-wei/-
 CVE-2020-1938 - https://github.com/yedada-wei/gongkaishouji
 CVE-2020-1938 - https://github.com/yq1ng/Java
 CVE-2020-1938 - https://github.com/ze0r/GhostCat-LFI-exp
+CVE-2020-1938 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-1938 - https://github.com/zhzyker/exphub
 CVE-2020-1938 - https://github.com/zoroqi/my-awesome
 CVE-2020-1941 - https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh
@@ -88792,6 +88808,7 @@ CVE-2020-2551 - https://github.com/xuetusummer/Penetration_Testing_POC
 CVE-2020-2551 - https://github.com/yedada-wei/-
 CVE-2020-2551 - https://github.com/yedada-wei/gongkaishouji
 CVE-2020-2551 - https://github.com/zema1/oracle-vuln-crawler
+CVE-2020-2551 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-2551 - https://github.com/zhzyker/exphub
 CVE-2020-2551 - https://github.com/zoroqi/my-awesome
 CVE-2020-2551 - https://github.com/zzwlpx/weblogicPoc
@@ -88994,6 +89011,7 @@ CVE-2020-2555 - https://github.com/xbl3/awesome-cve-poc_qazbnm456
 CVE-2020-2555 - https://github.com/xuetusummer/Penetration_Testing_POC
 CVE-2020-2555 - https://github.com/yedada-wei/-
 CVE-2020-2555 - https://github.com/yedada-wei/gongkaishouji
+CVE-2020-2555 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-2555 - https://github.com/zhzyker/exphub
 CVE-2020-2555 - https://github.com/zhzyker/vulmap
 CVE-2020-2555 - https://github.com/zoroqi/my-awesome
@@ -90952,6 +90970,7 @@ CVE-2020-2883 - https://github.com/xbl2022/awesome-hacking-lists
 CVE-2020-2883 - https://github.com/xuetusummer/Penetration_Testing_POC
 CVE-2020-2883 - https://github.com/yedada-wei/-
 CVE-2020-2883 - https://github.com/yedada-wei/gongkaishouji
+CVE-2020-2883 - https://github.com/zhaojunliing/awesome-stars
 CVE-2020-2883 - https://github.com/zhzyker/exphub
 CVE-2020-2883 - https://github.com/zhzyker/vulmap
 CVE-2020-2883 - https://github.com/zoroqi/my-awesome
@@ -93262,6 +93281,7 @@ CVE-2020-5410 - https://github.com/pen4uin/awesome-vulnerability-research
 CVE-2020-5410 - https://github.com/pen4uin/vulnerability-research
 CVE-2020-5410 - https://github.com/pen4uin/vulnerability-research-list
 CVE-2020-5410 - https://github.com/pentration/gongkaishouji
+CVE-2020-5410 - https://github.com/qiuluo-oss/Tiger
 CVE-2020-5410 - https://github.com/readloud/Awesome-Stars
 CVE-2020-5410 - https://github.com/ronoski/j2ee-rscan
 CVE-2020-5410 - https://github.com/shadowsock5/spring-cloud-config-starter
@@ -100118,6 +100138,7 @@ CVE-2021-21315 - https://github.com/mintoolkit/mint
 CVE-2021-21315 - https://github.com/mmk-1/kubernetes-poc
 CVE-2021-21315 - https://github.com/n1sh1th/CVE-POC
 CVE-2021-21315 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
+CVE-2021-21315 - https://github.com/qiuluo-oss/Tiger
 CVE-2021-21315 - https://github.com/slimtoolkit/slim
 CVE-2021-21315 - https://github.com/soosmile/POC
 CVE-2021-21315 - https://github.com/superlink996/chunqiuyunjingbachang
@@ -107808,6 +107829,7 @@ CVE-2021-3129 - https://github.com/pen4uin/awesome-vulnerability-research
 CVE-2021-3129 - https://github.com/pen4uin/vulnerability-research
 CVE-2021-3129 - https://github.com/pen4uin/vulnerability-research-list
 CVE-2021-3129 - https://github.com/qingchenhh/Tools-collection
+CVE-2021-3129 - https://github.com/qiuluo-oss/Tiger
 CVE-2021-3129 - https://github.com/r3volved/CVEAggregate
 CVE-2021-3129 - https://github.com/ramimac/aws-customer-security-incidents
 CVE-2021-3129 - https://github.com/randolphcyg/nuclei-plus
@@ -120176,6 +120198,7 @@ CVE-2021-45232 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
 CVE-2021-45232 - https://github.com/pen4uin/awesome-vulnerability-research
 CVE-2021-45232 - https://github.com/pen4uin/vulnerability-research
 CVE-2021-45232 - https://github.com/pen4uin/vulnerability-research-list
+CVE-2021-45232 - https://github.com/qiuluo-oss/Tiger
 CVE-2021-45232 - https://github.com/soosmile/POC
 CVE-2021-45232 - https://github.com/t0m4too/t0m4to
 CVE-2021-45232 - https://github.com/trhacknon/Pocingit
@@ -140003,6 +140026,7 @@ CVE-2022-40734 - https://github.com/KayCHENvip/vulnerability-poc
 CVE-2022-40734 - https://github.com/Miraitowa70/POC-Notes
 CVE-2022-40734 - https://github.com/Threekiii/Awesome-POC
 CVE-2022-40734 - https://github.com/d4n-sec/d4n-sec.github.io
+CVE-2022-40734 - https://github.com/qiuluo-oss/Tiger
 CVE-2022-40735 - https://github.com/Live-Hack-CVE/CVE-2022-40735
 CVE-2022-40735 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2022-40736 - https://github.com/karimhabush/cyberowl
@@ -140522,6 +140546,7 @@ CVE-2022-41678 - https://github.com/Threekiii/CVE
 CVE-2022-41678 - https://github.com/Threekiii/Vulhub-Reproduce
 CVE-2022-41678 - https://github.com/bakery312/Vulhub-Reproduce
 CVE-2022-41678 - https://github.com/d4n-sec/d4n-sec.github.io
+CVE-2022-41678 - https://github.com/qiuluo-oss/Tiger
 CVE-2022-41678 - https://github.com/tanjiti/sec_profile
 CVE-2022-41678 - https://github.com/wjlin0/poc-doc
 CVE-2022-41678 - https://github.com/wy876/POC
@@ -141459,6 +141484,7 @@ CVE-2022-43571 - https://github.com/whoforget/CVE-POC
 CVE-2022-43571 - https://github.com/youwizard/CVE-POC
 CVE-2022-4361 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2022-4363 - https://github.com/IamAlch3mist/Awesome-Embedded-Systems-Vulnerability-Research
+CVE-2022-43634 - https://github.com/DiRaltvein/memory-corruption-examples
 CVE-2022-43634 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2022-43635 - https://github.com/IamAlch3mist/Awesome-Embedded-Systems-Vulnerability-Research
 CVE-2022-43636 - https://github.com/IamAlch3mist/Awesome-Embedded-Systems-Vulnerability-Research
@@ -141513,6 +141539,7 @@ CVE-2022-4383 - https://github.com/cyllective/CVEs
 CVE-2022-4384 - https://github.com/HotDB-Community/HotDB-Engine
 CVE-2022-43880 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2022-43890 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2022-43915 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2022-43931 - https://github.com/Threekiii/CVE
 CVE-2022-43945 - https://github.com/ARPSyndicate/cvemon
 CVE-2022-4395 - https://github.com/ARPSyndicate/cvemon
@@ -151379,6 +151406,7 @@ CVE-2023-38646 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2023-38646 - https://github.com/passwa11/2023Hvv_
 CVE-2023-38646 - https://github.com/passwa11/CVE-2023-38646
 CVE-2023-38646 - https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
+CVE-2023-38646 - https://github.com/qiuluo-oss/Tiger
 CVE-2023-38646 - https://github.com/raytheon0x21/CVE-2023-38646
 CVE-2023-38646 - https://github.com/robotmikhro/CVE-2023-38646
 CVE-2023-38646 - https://github.com/samurai411/toolbox
@@ -152250,6 +152278,7 @@ CVE-2023-4109 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-41098 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-41099 - https://github.com/NaInSec/CVE-LIST
 CVE-2023-41100 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2023-41101 - https://github.com/DiRaltvein/memory-corruption-examples
 CVE-2023-41104 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-41105 - https://github.com/JawadPy/CVE-2023-41105-Exploit
 CVE-2023-41105 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -153529,6 +153558,7 @@ CVE-2023-4468 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-4469 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-44693 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2023-44694 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2023-44709 - https://github.com/DiRaltvein/memory-corruption-examples
 CVE-2023-4473 - https://github.com/Tig3rHu/Awesome_IOT_Vul_lib
 CVE-2023-4474 - https://github.com/Tig3rHu/Awesome_IOT_Vul_lib
 CVE-2023-44758 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -163208,6 +163238,7 @@ CVE-2024-20767 - https://github.com/ibaiw/2024Hvv
 CVE-2024-20767 - https://github.com/m-cetin/CVE-2024-20767
 CVE-2024-20767 - https://github.com/netlas-io/netlas-dorks
 CVE-2024-20767 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-20767 - https://github.com/qiuluo-oss/Tiger
 CVE-2024-20767 - https://github.com/tanjiti/sec_profile
 CVE-2024-20767 - https://github.com/trganda/starrlist
 CVE-2024-20767 - https://github.com/wjlin0/poc-doc
@@ -163771,6 +163802,7 @@ CVE-2024-21683 - https://github.com/wy876/POC
 CVE-2024-21683 - https://github.com/wy876/wiki
 CVE-2024-21683 - https://github.com/xh4vm/CVE-2024-21683
 CVE-2024-21683 - https://github.com/zhaoxiaoha/github-trending
+CVE-2024-21689 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-2169 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-2169 - https://github.com/douglasbuzatto/G3-Loop-DoS
 CVE-2024-2169 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -163783,6 +163815,7 @@ CVE-2024-21733 - https://github.com/Marco-zcl/POC
 CVE-2024-21733 - https://github.com/Ostorlab/KEV
 CVE-2024-21733 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-21733 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-21733 - https://github.com/qiuluo-oss/Tiger
 CVE-2024-21733 - https://github.com/tanjiti/sec_profile
 CVE-2024-21733 - https://github.com/versio-io/product-lifecycle-security-api
 CVE-2024-21733 - https://github.com/wjlin0/poc-doc
@@ -164184,6 +164217,7 @@ CVE-2024-22262 - https://github.com/hinat0y/Dataset8
 CVE-2024-22262 - https://github.com/hinat0y/Dataset9
 CVE-2024-22262 - https://github.com/tanjiti/sec_profile
 CVE-2024-22263 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-22263 - https://github.com/tanjiti/sec_profile
 CVE-2024-22264 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-22266 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-2227 - https://github.com/NaInSec/CVE-LIST
@@ -167679,6 +167713,7 @@ CVE-2024-28864 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28865 - https://github.com/NaInSec/CVE-LIST
 CVE-2024-28865 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28868 - https://github.com/NaInSec/CVE-LIST
+CVE-2024-2887 - https://github.com/TrojanAZhen/Self_Back
 CVE-2024-2887 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28871 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-28878 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -170518,6 +170553,7 @@ CVE-2024-38856 - https://github.com/RacerZ-fighting/RacerZ-fighting
 CVE-2024-38856 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-38856 - https://github.com/k3ppf0r/2024-PocLib
 CVE-2024-38856 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-38856 - https://github.com/qiuluo-oss/Tiger
 CVE-2024-38856 - https://github.com/tanjiti/sec_profile
 CVE-2024-38856 - https://github.com/wy876/POC
 CVE-2024-38856 - https://github.com/wy876/wiki
@@ -170628,6 +170664,7 @@ CVE-2024-39662 - https://github.com/20142995/nuclei-templates
 CVE-2024-39663 - https://github.com/20142995/nuclei-templates
 CVE-2024-39664 - https://github.com/20142995/nuclei-templates
 CVE-2024-39665 - https://github.com/20142995/nuclei-templates
+CVE-2024-39666 - https://github.com/20142995/nuclei-templates
 CVE-2024-39668 - https://github.com/20142995/nuclei-templates
 CVE-2024-3967 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-39670 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -170846,6 +170883,7 @@ CVE-2024-40324 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4033 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4034 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-40348 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-40348 - https://github.com/qiuluo-oss/Tiger
 CVE-2024-40348 - https://github.com/wy876/POC
 CVE-2024-40348 - https://github.com/wy876/wiki
 CVE-2024-4036 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171069,6 +171107,7 @@ CVE-2024-4199 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41990 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-41991 - https://github.com/ch4n3-yoon/ch4n3-yoon
 CVE-2024-41991 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-41992 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-41995 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4200 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42005 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171202,6 +171241,8 @@ CVE-2024-42765 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42766 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42784 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-42785 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-42834 - https://github.com/nomi-sec/PoC-in-GitHub
+CVE-2024-42845 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-42849 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-42850 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4286 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171218,6 +171259,7 @@ CVE-2024-42992 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-4300 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4301 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43022 - https://github.com/b0rgch3n/b0rgch3n
+CVE-2024-43035 - https://github.com/nomi-sec/PoC-in-GitHub
 CVE-2024-43044 - https://github.com/Ostorlab/KEV
 CVE-2024-43044 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43044 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -171329,49 +171371,109 @@ CVE-2024-43233 - https://github.com/20142995/nuclei-templates
 CVE-2024-43233 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43235 - https://github.com/20142995/nuclei-templates
 CVE-2024-43236 - https://github.com/20142995/nuclei-templates
+CVE-2024-43238 - https://github.com/20142995/nuclei-templates
 CVE-2024-43238 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43239 - https://github.com/20142995/nuclei-templates
 CVE-2024-4324 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43240 - https://github.com/20142995/nuclei-templates
+CVE-2024-43241 - https://github.com/20142995/nuclei-templates
+CVE-2024-43242 - https://github.com/20142995/nuclei-templates
+CVE-2024-43244 - https://github.com/20142995/nuclei-templates
+CVE-2024-43245 - https://github.com/20142995/nuclei-templates
+CVE-2024-43246 - https://github.com/20142995/nuclei-templates
+CVE-2024-43247 - https://github.com/20142995/nuclei-templates
+CVE-2024-43248 - https://github.com/20142995/nuclei-templates
+CVE-2024-43249 - https://github.com/20142995/nuclei-templates
+CVE-2024-43250 - https://github.com/20142995/nuclei-templates
+CVE-2024-43251 - https://github.com/20142995/nuclei-templates
+CVE-2024-43252 - https://github.com/20142995/nuclei-templates
+CVE-2024-43253 - https://github.com/20142995/nuclei-templates
+CVE-2024-43254 - https://github.com/20142995/nuclei-templates
+CVE-2024-43255 - https://github.com/20142995/nuclei-templates
+CVE-2024-43256 - https://github.com/20142995/nuclei-templates
+CVE-2024-43257 - https://github.com/20142995/nuclei-templates
+CVE-2024-43258 - https://github.com/20142995/nuclei-templates
+CVE-2024-43259 - https://github.com/20142995/nuclei-templates
+CVE-2024-43260 - https://github.com/20142995/nuclei-templates
+CVE-2024-43261 - https://github.com/20142995/nuclei-templates
+CVE-2024-43262 - https://github.com/20142995/nuclei-templates
+CVE-2024-43263 - https://github.com/20142995/nuclei-templates
+CVE-2024-43264 - https://github.com/20142995/nuclei-templates
+CVE-2024-43265 - https://github.com/20142995/nuclei-templates
+CVE-2024-43266 - https://github.com/20142995/nuclei-templates
+CVE-2024-43267 - https://github.com/20142995/nuclei-templates
+CVE-2024-43268 - https://github.com/20142995/nuclei-templates
+CVE-2024-43269 - https://github.com/20142995/nuclei-templates
+CVE-2024-43270 - https://github.com/20142995/nuclei-templates
+CVE-2024-43271 - https://github.com/20142995/nuclei-templates
+CVE-2024-43272 - https://github.com/20142995/nuclei-templates
+CVE-2024-43273 - https://github.com/20142995/nuclei-templates
+CVE-2024-43276 - https://github.com/20142995/nuclei-templates
 CVE-2024-43276 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43277 - https://github.com/20142995/nuclei-templates
+CVE-2024-43278 - https://github.com/20142995/nuclei-templates
+CVE-2024-43279 - https://github.com/20142995/nuclei-templates
 CVE-2024-4328 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43280 - https://github.com/20142995/nuclei-templates
+CVE-2024-43281 - https://github.com/20142995/nuclei-templates
+CVE-2024-43282 - https://github.com/20142995/nuclei-templates
+CVE-2024-43283 - https://github.com/20142995/nuclei-templates
+CVE-2024-43284 - https://github.com/20142995/nuclei-templates
 CVE-2024-43285 - https://github.com/20142995/nuclei-templates
 CVE-2024-43287 - https://github.com/20142995/nuclei-templates
+CVE-2024-43288 - https://github.com/20142995/nuclei-templates
+CVE-2024-43289 - https://github.com/20142995/nuclei-templates
 CVE-2024-43290 - https://github.com/20142995/nuclei-templates
 CVE-2024-43291 - https://github.com/20142995/nuclei-templates
+CVE-2024-43292 - https://github.com/20142995/nuclei-templates
 CVE-2024-43293 - https://github.com/20142995/nuclei-templates
 CVE-2024-43294 - https://github.com/20142995/nuclei-templates
 CVE-2024-43295 - https://github.com/20142995/nuclei-templates
+CVE-2024-43296 - https://github.com/20142995/nuclei-templates
 CVE-2024-43297 - https://github.com/20142995/nuclei-templates
 CVE-2024-43298 - https://github.com/20142995/nuclei-templates
 CVE-2024-43299 - https://github.com/20142995/nuclei-templates
 CVE-2024-43301 - https://github.com/20142995/nuclei-templates
 CVE-2024-43302 - https://github.com/20142995/nuclei-templates
+CVE-2024-43303 - https://github.com/20142995/nuclei-templates
 CVE-2024-43304 - https://github.com/20142995/nuclei-templates
 CVE-2024-43305 - https://github.com/20142995/nuclei-templates
 CVE-2024-43305 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43306 - https://github.com/20142995/nuclei-templates
 CVE-2024-43306 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43307 - https://github.com/20142995/nuclei-templates
 CVE-2024-43307 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43308 - https://github.com/20142995/nuclei-templates
 CVE-2024-43308 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43309 - https://github.com/20142995/nuclei-templates
 CVE-2024-43309 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4331 - https://github.com/angelov-1080/CVE_Checker
 CVE-2024-4331 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43310 - https://github.com/20142995/nuclei-templates
+CVE-2024-43311 - https://github.com/20142995/nuclei-templates
 CVE-2024-43312 - https://github.com/20142995/nuclei-templates
+CVE-2024-43313 - https://github.com/20142995/nuclei-templates
 CVE-2024-43313 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43314 - https://github.com/20142995/nuclei-templates
 CVE-2024-43315 - https://github.com/20142995/nuclei-templates
 CVE-2024-43316 - https://github.com/20142995/nuclei-templates
 CVE-2024-43317 - https://github.com/20142995/nuclei-templates
+CVE-2024-43318 - https://github.com/20142995/nuclei-templates
 CVE-2024-43318 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43319 - https://github.com/20142995/nuclei-templates
 CVE-2024-43320 - https://github.com/20142995/nuclei-templates
 CVE-2024-43320 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43321 - https://github.com/20142995/nuclei-templates
 CVE-2024-43321 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43322 - https://github.com/20142995/nuclei-templates
 CVE-2024-43323 - https://github.com/20142995/nuclei-templates
 CVE-2024-43324 - https://github.com/20142995/nuclei-templates
 CVE-2024-43324 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43325 - https://github.com/20142995/nuclei-templates
 CVE-2024-43326 - https://github.com/20142995/nuclei-templates
+CVE-2024-43327 - https://github.com/20142995/nuclei-templates
 CVE-2024-43327 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43328 - https://github.com/20142995/nuclei-templates
 CVE-2024-43329 - https://github.com/20142995/nuclei-templates
 CVE-2024-43329 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4333 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171380,6 +171482,7 @@ CVE-2024-43330 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43331 - https://github.com/20142995/nuclei-templates
 CVE-2024-43331 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43332 - https://github.com/20142995/nuclei-templates
+CVE-2024-43335 - https://github.com/20142995/nuclei-templates
 CVE-2024-43335 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43336 - https://github.com/20142995/nuclei-templates
 CVE-2024-43337 - https://github.com/20142995/nuclei-templates
@@ -171387,18 +171490,27 @@ CVE-2024-43339 - https://github.com/20142995/nuclei-templates
 CVE-2024-4334 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43340 - https://github.com/20142995/nuclei-templates
 CVE-2024-43341 - https://github.com/20142995/nuclei-templates
+CVE-2024-43342 - https://github.com/20142995/nuclei-templates
 CVE-2024-43342 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43343 - https://github.com/20142995/nuclei-templates
+CVE-2024-43344 - https://github.com/20142995/nuclei-templates
 CVE-2024-43344 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43345 - https://github.com/20142995/nuclei-templates
+CVE-2024-43346 - https://github.com/20142995/nuclei-templates
 CVE-2024-43346 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43347 - https://github.com/20142995/nuclei-templates
 CVE-2024-43347 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43348 - https://github.com/20142995/nuclei-templates
 CVE-2024-43348 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43349 - https://github.com/20142995/nuclei-templates
 CVE-2024-43349 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43350 - https://github.com/20142995/nuclei-templates
 CVE-2024-43351 - https://github.com/20142995/nuclei-templates
 CVE-2024-43351 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43352 - https://github.com/20142995/nuclei-templates
 CVE-2024-43352 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43353 - https://github.com/20142995/nuclei-templates
+CVE-2024-43354 - https://github.com/20142995/nuclei-templates
 CVE-2024-43355 - https://github.com/20142995/nuclei-templates
 CVE-2024-43356 - https://github.com/20142995/nuclei-templates
 CVE-2024-43358 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171407,6 +171519,7 @@ CVE-2024-43360 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43373 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43381 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-43398 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-43398 - https://github.com/lifeparticle/Ruby-Cheatsheet
 CVE-2024-4340 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4345 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-4346 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -171870,6 +171983,7 @@ CVE-2024-5466 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5467 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5488 - https://github.com/20142995/nuclei-templates
 CVE-2024-5490 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-5502 - https://github.com/20142995/nuclei-templates
 CVE-2024-5502 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5503 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-5522 - https://github.com/nomi-sec/PoC-in-GitHub
@@ -172267,6 +172381,7 @@ CVE-2024-7246 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7247 - https://github.com/20142995/nuclei-templates
 CVE-2024-7247 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7255 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-7258 - https://github.com/20142995/nuclei-templates
 CVE-2024-7262 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7263 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7265 - https://github.com/fkie-cad/nvd-json-data-feeds
@@ -172291,6 +172406,7 @@ CVE-2024-7340 - https://github.com/20142995/nuclei-templates
 CVE-2024-7347 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7348 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7350 - https://github.com/20142995/nuclei-templates
+CVE-2024-7351 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7353 - https://github.com/20142995/nuclei-templates
 CVE-2024-7353 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7355 - https://github.com/20142995/nuclei-templates
@@ -172382,6 +172498,7 @@ CVE-2024-7552 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7553 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7554 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7556 - https://github.com/20142995/nuclei-templates
+CVE-2024-7559 - https://github.com/20142995/nuclei-templates
 CVE-2024-7560 - https://github.com/20142995/nuclei-templates
 CVE-2024-7561 - https://github.com/20142995/nuclei-templates
 CVE-2024-7574 - https://github.com/20142995/nuclei-templates
@@ -172408,6 +172525,7 @@ CVE-2024-7647 - https://github.com/20142995/nuclei-templates
 CVE-2024-7648 - https://github.com/20142995/nuclei-templates
 CVE-2024-7649 - https://github.com/20142995/nuclei-templates
 CVE-2024-7651 - https://github.com/20142995/nuclei-templates
+CVE-2024-7656 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-7689 - https://github.com/20142995/nuclei-templates
 CVE-2024-7690 - https://github.com/20142995/nuclei-templates
 CVE-2024-7691 - https://github.com/20142995/nuclei-templates
@@ -172486,6 +172604,7 @@ CVE-2024-8071 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8072 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8112 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-8113 - https://github.com/fkie-cad/nvd-json-data-feeds
+CVE-2024-8128 - https://github.com/fkie-cad/nvd-json-data-feeds
 CVE-2024-87654 - https://github.com/runwuf/clickhouse-test
 CVE-2024-98765 - https://github.com/runwuf/clickhouse-test
 CVE-2024-99999 - https://github.com/kolewttd/wtt
diff --git a/references.txt b/references.txt
index 38f674602c..e867e7b207 100644
--- a/references.txt
+++ b/references.txt
@@ -80716,6 +80716,7 @@ CVE-2022-1512 - https://packetstormsecurity.com/files/166820/
 CVE-2022-1512 - https://wpscan.com/vulnerability/a754a516-07fc-44f1-9c34-31e963460301
 CVE-2022-1514 - https://huntr.dev/bounties/4ae2a917-843a-4ae4-8197-8425a596761c
 CVE-2022-1526 - https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md
+CVE-2022-1526 - https://vuldb.com/?id.198705
 CVE-2022-1527 - https://wpscan.com/vulnerability/0260d5c0-52a9-44ce-b7be-aff642056d16
 CVE-2022-1528 - https://wpscan.com/vulnerability/d1e59894-382f-4151-8c4c-5608f3d8ac1f
 CVE-2022-1529 - https://bugzilla.mozilla.org/show_bug.cgi?id=1770048
@@ -89195,6 +89196,7 @@ CVE-2023-0916 - https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Auto%20
 CVE-2023-0916 - https://vuldb.com/?id.221491
 CVE-2023-0919 - https://huntr.dev/bounties/3c514923-473f-4c50-ae0d-d002a41fe70f
 CVE-2023-0924 - https://wpscan.com/vulnerability/0fd0d7a5-9263-43b6-9244-7880c3d3e6f4
+CVE-2023-0926 - https://github.com/samiahmedsiddiqui/custom-permalinks/pull/96
 CVE-2023-0937 - https://wpscan.com/vulnerability/5110ff02-c721-43eb-b13e-50aca25e1162
 CVE-2023-0938 - https://github.com/navaidzansari/CVE_Demo/blob/main/2023/Music%20Gallery%20Site%20-%20SQL%20Injection%201.md
 CVE-2023-0940 - https://wpscan.com/vulnerability/56744f72-2d48-4f42-8195-24b4dd951bb5
@@ -91234,6 +91236,7 @@ CVE-2023-27742 - https://github.com/G37SYS73M/CVE-2023-27742
 CVE-2023-27744 - https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf
 CVE-2023-27745 - https://www.southrivertech.com/software/nextgen/titanftp/en/relnotes.pdf
 CVE-2023-27754 - https://github.com/10cksYiqiyinHangzhouTechnology/vox2mesh_poc
+CVE-2023-27772 - https://github.com/mz-automation/libiec61850/issues/442
 CVE-2023-27775 - https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-27775/CVE-2023-27775.md
 CVE-2023-27779 - https://docs.google.com/document/d/1kGzmc6AOCfRzJf9mDz4emkhQj84Y1XemmAMZjYK32-o/edit?usp=sharing
 CVE-2023-27781 - https://github.com/tjko/jpegoptim/issues/132
@@ -94185,6 +94188,7 @@ CVE-2023-44393 - https://github.com/Piwigo/Piwigo/security/advisories/GHSA-qg85-
 CVE-2023-44398 - https://github.com/Exiv2/exiv2/commit/e884a0955359107f4031c74a07406df7e99929a5
 CVE-2023-44400 - https://github.com/louislam/uptime-kuma/security/advisories/GHSA-g9v2-wqcj-j99g
 CVE-2023-4441 - https://vuldb.com/?id.237562
+CVE-2023-4442 - https://vuldb.com/?id.237563
 CVE-2023-44466 - https://github.com/google/security-research/security/advisories/GHSA-jg27-jx6w-xwph
 CVE-2023-44467 - https://github.com/langchain-ai/langchain/commit/4c97a10bd0d9385cfee234a63b5bd826a295e483
 CVE-2023-44469 - https://security.lauritz-holtmann.de/post/sso-security-ssrf/
@@ -94223,6 +94227,7 @@ CVE-2023-44487 - https://github.com/tempesta-tech/tempesta/issues/1986
 CVE-2023-44487 - https://github.com/varnishcache/varnish-cache/issues/3996
 CVE-2023-44487 - https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/
 CVE-2023-44487 - https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event
+CVE-2023-4449 - https://vuldb.com/?id.237570
 CVE-2023-4451 - https://huntr.dev/bounties/4e111c3e-6cf3-4b4c-b3c1-a540bf30f8fa
 CVE-2023-4453 - https://huntr.dev/bounties/245a8785-0fc0-4561-b181-fa20f869d993
 CVE-2023-4454 - https://huntr.dev/bounties/4ee0ef74-e4d4-46e7-a05c-076bce522299
@@ -94686,11 +94691,13 @@ CVE-2023-47384 - https://github.com/gpac/gpac/issues/2672
 CVE-2023-4739 - https://github.com/Meizhi-hua/cve/blob/main/upload_file.md
 CVE-2023-47397 - https://liotree.github.io/2023/webid.html
 CVE-2023-4740 - https://vuldb.com/?id.238629
+CVE-2023-4741 - https://vuldb.com/?id.238630
 CVE-2023-4744 - https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md
 CVE-2023-47444 - https://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444/
 CVE-2023-47445 - https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47445%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20SQL%20Injection.md
 CVE-2023-47446 - https://github.com/termanix/PHPGrukul-Pre-School-Enrollment-System-v1.0/blob/main/CVE-2023-47446%20PHPGurukul-Pre-School-Enrollment-System-v1.0%20Stored%20XSS%20Vulnerability.md
 CVE-2023-4745 - https://github.com/Jacky-Y/vuls/blob/main/vul6.md
+CVE-2023-4745 - https://vuldb.com/?id.238634
 CVE-2023-47452 - https://github.com/xieqiang11/poc-1/tree/main
 CVE-2023-47453 - https://github.com/xieqiang11/poc-2/tree/main
 CVE-2023-47454 - https://github.com/xieqiang11/poc-3/tree/main
@@ -95064,6 +95071,7 @@ CVE-2023-49468 - https://github.com/strukturag/libde265/issues/432
 CVE-2023-49471 - https://github.com/zunak/CVE-2023-49471
 CVE-2023-49473 - https://github.com/Hack404-007/cves-info/blob/main/JF6000-exp
 CVE-2023-49484 - https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md
+CVE-2023-49485 - https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20storage%20type%20XSS%20in%20the%20column%20management%20department.md
 CVE-2023-49486 - https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20model%20management%20department.md
 CVE-2023-49487 - https://github.com/Rabb1ter/cms/blob/main/There%20is%20a%20stored%20XSS%20in%20the%20navigation%20management%20office.md
 CVE-2023-49492 - https://github.com/Hebing123/cve/issues/2
@@ -95124,6 +95132,8 @@ CVE-2023-49810 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-
 CVE-2023-4982 - https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e
 CVE-2023-49867 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1904
 CVE-2023-4987 - http://packetstormsecurity.com/files/174760/Taskhub-2.8.7-SQL-Injection.html
+CVE-2023-4987 - https://vuldb.com/?id.239798
+CVE-2023-4991 - https://vuldb.com/?id.239804
 CVE-2023-49923 - https://www.elastic.co/community/security
 CVE-2023-49950 - https://github.com/shrikeinfosec/cve-2023-49950/blob/main/cve-2023-49950.md
 CVE-2023-49964 - https://github.com/mbadanoiu/CVE-2023-49964
@@ -98635,6 +98645,7 @@ CVE-2024-34058 - https://www.openwall.com/lists/oss-security/2024/05/16/3
 CVE-2024-3406 - https://wpscan.com/vulnerability/1bfab060-64d2-4c38-8bc8-a8f81c5a6e0d/
 CVE-2024-34061 - https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-pwgc-w4x9-gw67
 CVE-2024-34063 - https://github.com/matrix-org/vodozemac/commit/297548cad4016ce448c4b5007c54db7ee39489d9
+CVE-2024-34065 - https://github.com/strapi/strapi/security/advisories/GHSA-wrvh-rcmr-9qfc
 CVE-2024-3407 - https://wpscan.com/vulnerability/262348ab-a335-4acf-8e4d-229fc0b4972f/
 CVE-2024-34070 - https://github.com/froxlor/Froxlor/security/advisories/GHSA-x525-54hf-xr53
 CVE-2024-34075 - https://github.com/xiboon/kurwov/security/advisories/GHSA-hfrv-h3q8-9jpr
@@ -98678,7 +98689,9 @@ CVE-2024-34252 - https://github.com/wasm3/wasm3/issues/483
 CVE-2024-34257 - https://github.com/ZackSecurity/VulnerReport/blob/cve/totolink/EX1800T/1.md
 CVE-2024-34273 - https://github.com/chrisandoryan/vuln-advisory/blob/main/nJwt/CVE-2024-34273.md
 CVE-2024-34308 - https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20LR350/README.md
+CVE-2024-34312 - https://github.com/vincentscode/CVE-2024-34312
 CVE-2024-34313 - https://github.com/vincentscode/CVE-2024-34313
+CVE-2024-34329 - https://github.com/pamoutaf/CVE-2024-34329/blob/main/README.md
 CVE-2024-34332 - https://belong2yourself.github.io/vulnerabilities/docs/SANDRA/Elevation-of-Privileges/readme/
 CVE-2024-34340 - https://github.com/Cacti/cacti/security/advisories/GHSA-37x7-mfjv-mm7m
 CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/commit/5e5e1e0b9422f47d2de81c7c4064b803a01e7203
@@ -98687,6 +98700,7 @@ CVE-2024-34345 - https://github.com/CycloneDX/cyclonedx-javascript-library/secur
 CVE-2024-34347 - https://github.com/hoppscotch/hoppscotch/security/advisories/GHSA-qmmm-73r2-f8xr
 CVE-2024-34352 - https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847
 CVE-2024-34359 - https://github.com/abetlen/llama-cpp-python/security/advisories/GHSA-56xg-wfcc-g829
+CVE-2024-34361 - https://github.com/pi-hole/pi-hole/security/advisories/GHSA-jg6g-rrj6-xfg6
 CVE-2024-34362 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-hww5-43gv-35jv
 CVE-2024-34363 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-g979-ph9j-5gg4
 CVE-2024-3437 - https://vuldb.com/?id.259631
@@ -98705,6 +98719,7 @@ CVE-2024-3442 - https://vuldb.com/?id.259695
 CVE-2024-3443 - https://github.com/zyairelai/CVE-submissions/blob/main/prison-xss.md
 CVE-2024-34448 - https://github.com/phulelouch/CVEs/blob/main/CVE-2024-34448.md
 CVE-2024-3445 - https://vuldb.com/?id.259702
+CVE-2024-34452 - https://github.com/surajhacx/CVE-2024-34452/
 CVE-2024-34467 - https://github.com/top-think/framework/issues/2996
 CVE-2024-34470 - https://github.com/osvaldotenorio/CVE-2024-34470
 CVE-2024-34471 - https://github.com/osvaldotenorio/CVE-2024-34471
@@ -98726,6 +98741,8 @@ CVE-2024-34580 - https://shibboleth.atlassian.net/wiki/spaces/DEV/pages/37266718
 CVE-2024-34580 - https://www.sonatype.com/blog/the-exploited-ivanti-connect-ssrf-vulnerability-stems-from-xmltooling-oss-library
 CVE-2024-34582 - https://github.com/silent6trinity/CVE-2024-34582
 CVE-2024-34694 - https://github.com/lnbits/lnbits/security/advisories/GHSA-3j4h-h3fp-vwww
+CVE-2024-34702 - https://github.com/randombit/botan/security/advisories/GHSA-5gg9-hqpr-r58j
+CVE-2024-34703 - https://github.com/randombit/botan/security/advisories/GHSA-w4g2-7m2h-7xj7
 CVE-2024-3471 - https://wpscan.com/vulnerability/a3c282fb-81b8-48bf-8c18-8366ea8ad9af/
 CVE-2024-34710 - https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf
 CVE-2024-34714 - https://github.com/hoppscotch/hoppscotch-extension/security/advisories/GHSA-jjh5-pvqx-gg5v
@@ -98804,6 +98821,7 @@ CVE-2024-35236 - https://github.com/advplyr/audiobookshelf/security/advisories/G
 CVE-2024-3524 - https://vuldb.com/?id.259895
 CVE-2024-3529 - https://vuldb.com/?id.259899
 CVE-2024-35324 - https://github.com/w0x68y/cve-lists/blob/main/CMS/Douchat/Douchat%204.0.5%20arbitrary%20file%20upload%20vulnerability.md
+CVE-2024-35325 - https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35325.c
 CVE-2024-35326 - https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35326.c
 CVE-2024-35328 - https://github.com/idhyt/pocs/blob/main/libyaml/CVE-2024-35328.c
 CVE-2024-35333 - https://github.com/momo1239/CVE-2024-35333
@@ -99761,6 +99779,7 @@ CVE-2024-42849 - https://github.com/njmbb8/CVE-2024-42849/tree/main
 CVE-2024-4289 - https://wpscan.com/vulnerability/072785de-0ce5-42a4-a3fd-4eb1d1a2f1be/
 CVE-2024-4290 - https://wpscan.com/vulnerability/a9a10d0f-d8f2-4f3e-92bf-94fc08416d87/
 CVE-2024-4291 - https://github.com/L1ziang/Vulnerability/blob/main/formAddMacfilterRule.md
+CVE-2024-42918 - https://packetstormsecurity.com
 CVE-2024-4293 - https://github.com/Sospiro014/zday1/blob/main/doctor_appointment_management_system_xss.md
 CVE-2024-4294 - https://github.com/Sospiro014/zday1/blob/main/doctor_appointment_management_system_idor.md
 CVE-2024-42940 - https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1201/fromP2pListFilter.md
@@ -99806,9 +99825,11 @@ CVE-2024-43360 - https://github.com/ZoneMinder/zoneminder/security/advisories/GH
 CVE-2024-43373 - https://github.com/j4k0xb/webcrack/security/advisories/GHSA-ccqh-278p-xq6w
 CVE-2024-43374 - https://github.com/vim/vim/security/advisories/GHSA-2w8m-443v-cgvw
 CVE-2024-43381 - https://github.com/yogeshojha/rengine/security/advisories/GHSA-96q4-fj2m-jqf7
+CVE-2024-43396 - https://github.com/khoj-ai/khoj/security/advisories/GHSA-cf72-vg59-4j4h
 CVE-2024-4340 - https://github.com/advisories/GHSA-2m57-hf25-phgg
 CVE-2024-4340 - https://research.jfrog.com/vulnerabilities/sqlparse-stack-exhaustion-dos-jfsa-2024-001031292/
 CVE-2024-43401 - https://jira.xwiki.org/browse/XWIKI-20331
+CVE-2024-43403 - https://github.com/kanisterio/kanister/security/advisories/GHSA-h27c-6xm3-mcqp
 CVE-2024-4348 - https://vuldb.com/?submit.320855
 CVE-2024-4349 - https://github.com/CveSecLook/cve/issues/19
 CVE-2024-4372 - https://wpscan.com/vulnerability/13dcfd8a-e378-44b4-af6f-940bc41539a4/
@@ -99844,6 +99865,10 @@ CVE-2024-45167 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisorie
 CVE-2024-45167 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-051.txt
 CVE-2024-45168 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-049.txt
 CVE-2024-45169 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-052.txt
+CVE-2024-45187 - https://research.jfrog.com/vulnerabilities/mage-ai-deleted-users-rce-jfsa-2024-001039602/
+CVE-2024-45188 - https://research.jfrog.com/vulnerabilities/mage-ai-file-content-request-remote-arbitrary-file-leak-jfsa-2024-001039603/
+CVE-2024-45189 - https://research.jfrog.com/vulnerabilities/mage-ai-git-content-request-remote-arbitrary-file-leak-jfsa-2024-001039604/
+CVE-2024-45190 - https://research.jfrog.com/vulnerabilities/mage-ai-pipeline-interaction-request-remote-arbitrary-file-leak-jfsa-2024-001039605/
 CVE-2024-4528 - https://github.com/yylmm/CVE/blob/main/Prison%20Management%20System/xss2.md
 CVE-2024-4529 - https://wpscan.com/vulnerability/082ff0b8-2ecd-4292-832d-0a79e1ba8cb3/
 CVE-2024-4530 - https://wpscan.com/vulnerability/952f6b5c-7728-4c87-8826-6b493f51a979/
@@ -100177,9 +100202,11 @@ CVE-2024-5984 - https://github.com/LiuYongXiang-git/cve/issues/3
 CVE-2024-5985 - https://github.com/CveSecLook/cve/issues/45
 CVE-2024-6006 - https://vuldb.com/?submit.351403
 CVE-2024-6007 - https://github.com/SecureF1sh/findings/blob/main/ns_sqli.md
+CVE-2024-6008 - https://github.com/1902zdq/cve/issues/1
 CVE-2024-6009 - https://github.com/AutoZhou1/cve/issues/1
 CVE-2024-6011 - https://drive.google.com/file/d/1SFQXlRUQw7THm_Vay_pFH3pIX1cjH4AY/view?usp=sharing
 CVE-2024-6013 - https://github.com/gabriel202212/cve/issues/1
+CVE-2024-6014 - https://github.com/gabriel202212/cve/issues/2
 CVE-2024-6015 - https://github.com/chenwulin-bit/cve/issues/1
 CVE-2024-6016 - https://github.com/chenwulin-bit/cve/issues/2
 CVE-2024-6021 - https://wpscan.com/vulnerability/9d83cffd-7dcd-4301-8d4d-3043b14e05b5/
@@ -100192,7 +100219,10 @@ CVE-2024-6041 - https://github.com/ssiicckk/cve/issues/1
 CVE-2024-6042 - https://github.com/Cormac315/cve/issues/1
 CVE-2024-6043 - https://github.com/yezzzo/y3/blob/main/SourceCodester%20Best%20house%20rental%20management%20system%20project%20in%20php%201.0%20SQL%20Injection.md
 CVE-2024-6061 - https://github.com/gpac/gpac/issues/2871
+CVE-2024-6062 - https://github.com/gpac/gpac/issues/2872
+CVE-2024-6063 - https://github.com/gpac/gpac/issues/2873
 CVE-2024-6064 - https://github.com/gpac/gpac/issues/2874
+CVE-2024-6065 - https://github.com/ppp-src/CVE/issues/4
 CVE-2024-6070 - https://wpscan.com/vulnerability/97bab6cf-011c-4df4-976c-1f3252082f8f/
 CVE-2024-6072 - https://wpscan.com/vulnerability/1d8a344b-37e9-41e8-9de0-c67b7ca8e21b/
 CVE-2024-6073 - https://wpscan.com/vulnerability/f04994bc-9eef-46de-995b-8598f7a749c4/
@@ -100201,9 +100231,15 @@ CVE-2024-6075 - https://wpscan.com/vulnerability/b0e2658a-b075-48b6-a9d9-e141194
 CVE-2024-6076 - https://wpscan.com/vulnerability/8369a2d8-1780-40c3-90ff-a826b9e9afd4/
 CVE-2024-6084 - https://github.com/Laster-dev/CVE/issues/2
 CVE-2024-6094 - https://wpscan.com/vulnerability/019b3f34-7b85-4728-8dd7-ca472d6b2d06/
+CVE-2024-6109 - https://github.com/PHJ-doit/cve/issues/1
+CVE-2024-6110 - https://github.com/Laster-dev/CVE/issues/1
 CVE-2024-6111 - https://github.com/wangyuan-ui/CVE/issues/1
+CVE-2024-6112 - https://github.com/wangyuan-ui/CVE/issues/2
 CVE-2024-6113 - https://github.com/wangyuan-ui/CVE/issues/3
 CVE-2024-6114 - https://github.com/wangyuan-ui/CVE/issues/4
+CVE-2024-6115 - https://github.com/wangyuan-ui/CVE/issues/5
+CVE-2024-6116 - https://github.com/wangyuan-ui/CVE/issues/6
+CVE-2024-6127 - https://github.com/ACE-Responder/Empire-C2-RCE-PoC
 CVE-2024-6127 - https://vulncheck.com/advisories/empire-unauth-rce
 CVE-2024-6130 - https://wpscan.com/vulnerability/bbed2968-4bd6-49ae-bd61-8a1f751e7041/
 CVE-2024-6133 - https://wpscan.com/vulnerability/fd613e1e-557c-4383-a3e9-4c14bc0be0c5/
@@ -100214,6 +100250,7 @@ CVE-2024-6158 - https://wpscan.com/vulnerability/8adb219f-f0a6-4e87-8626-db26e30
 CVE-2024-6164 - https://wpscan.com/vulnerability/40bd880e-67a1-4180-b197-8dcadaa0ace4/
 CVE-2024-6165 - https://wpscan.com/vulnerability/b9e6648a-9d19-4e73-ad6c-f727802d8dd5/
 CVE-2024-6184 - https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_a.md
+CVE-2024-6185 - https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_b.md
 CVE-2024-6186 - https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_c.md
 CVE-2024-6187 - https://github.com/L1OudFd8cl09/CVE/blob/main/11_06_2024_d.md
 CVE-2024-6188 - https://kiwiyumi.com/post/tracksys-export-source-code/
@@ -100223,6 +100260,7 @@ CVE-2024-6191 - https://github.com/HryspaHodor/CVE/issues/3
 CVE-2024-6192 - https://github.com/HryspaHodor/CVE/issues/4
 CVE-2024-6193 - https://github.com/HryspaHodor/CVE/issues/5
 CVE-2024-6194 - https://github.com/HryspaHodor/CVE/issues/6
+CVE-2024-6195 - https://github.com/2768210355/cve/issues/2
 CVE-2024-6196 - https://github.com/2768210355/cve/issues/1
 CVE-2024-6205 - https://wpscan.com/vulnerability/7e2c5032-2917-418c-aee3-092bdb78a087/
 CVE-2024-6212 - https://docs.google.com/document/d/1tl9-EAxUR64Og9zS-nyUx3YtG1V32Monkvq-h39tjpw/edit?usp=sharing
@@ -100234,7 +100272,9 @@ CVE-2024-6230 - https://wpscan.com/vulnerability/311e3c15-0f58-4f3b-91f8-0c62c0e
 CVE-2024-6231 - https://wpscan.com/vulnerability/75ad1d8f-edc3-4eb3-b4c0-73832c0a4ca0/
 CVE-2024-6243 - https://wpscan.com/vulnerability/f4097877-ba19-4738-a994-9593b9a5a635/
 CVE-2024-6244 - https://wpscan.com/vulnerability/73ba55a5-6cff-40fc-9686-30c50f060732/
+CVE-2024-6253 - https://github.com/Desenchanted/cve/issues/1
 CVE-2024-6267 - https://docs.google.com/document/d/1upC4101Ob9UW7fGC_valsEa45Q5xuBgcKZhs1Q-WoBM/edit?usp=sharing
+CVE-2024-6267 - https://github.com/sgr-xd/CVEs/blob/main/CVE-2024-6267.md
 CVE-2024-6270 - https://wpscan.com/vulnerability/3d0a6edc-61e8-42fb-8b93-ef083146bd9c/
 CVE-2024-6271 - https://wpscan.com/vulnerability/44d9d085-34cb-490f-a3f5-f9eafae85ab8/
 CVE-2024-6272 - https://wpscan.com/vulnerability/146b94df-7fc6-4da3-9ef1-d2875ae3fa9e/
@@ -100246,6 +100286,8 @@ CVE-2024-6330 - https://wpscan.com/vulnerability/95b532e0-1ffb-421e-b9c0-de03f89
 CVE-2024-6334 - https://wpscan.com/vulnerability/6c09083c-6960-4369-8c5c-ad20e34aaa8b/
 CVE-2024-6362 - https://wpscan.com/vulnerability/d2e2d06b-0f07-40b9-9b87-3373f62ae1a9/
 CVE-2024-6366 - https://wpscan.com/vulnerability/5b90cbdd-52cc-4e7b-bf39-bea0dd59e19e/
+CVE-2024-6371 - https://github.com/L1OudFd8cl09/CVE/blob/main/25_06_2024_b.md
+CVE-2024-6372 - https://github.com/Galaxy-lrc/cve/issues/1
 CVE-2024-6373 - https://github.com/Abyssun/abyssun-/issues/1
 CVE-2024-6386 - https://sec.stealthcopter.com/wpml-rce-via-twig-ssti/
 CVE-2024-6387 - http://seclists.org/fulldisclosure/2024/Jul/18
@@ -100253,6 +100295,7 @@ CVE-2024-6387 - http://seclists.org/fulldisclosure/2024/Jul/19
 CVE-2024-6387 - http://www.openwall.com/lists/oss-security/2024/07/03/5
 CVE-2024-6387 - http://www.openwall.com/lists/oss-security/2024/07/28/2
 CVE-2024-6387 - https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
+CVE-2024-6387 - https://github.com/zgzhang/cve-2024-6387-poc
 CVE-2024-6387 - https://news.ycombinator.com/item?id=40843778
 CVE-2024-6387 - https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
 CVE-2024-6387 - https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html
@@ -100263,6 +100306,7 @@ CVE-2024-6408 - https://wpscan.com/vulnerability/31aaeffb-a752-4941-9d0f-1b374fb
 CVE-2024-6412 - https://wpscan.com/vulnerability/9eb0dad6-3c19-4fe4-a20d-d45b51410444/
 CVE-2024-6417 - https://github.com/xyj123a/cve/blob/main/sql.md
 CVE-2024-6420 - https://wpscan.com/vulnerability/dfda6577-81aa-4397-a2d6-1d736f9ebd44/
+CVE-2024-6439 - https://github.com/GAO-UNO/cve/blob/main/upload.md
 CVE-2024-6451 - https://wpscan.com/vulnerability/fc06d413-a227-470c-a5b7-cdab57aeab34/
 CVE-2024-6453 - https://github.com/7u7777/cve/issues/3
 CVE-2024-6459 - https://wpscan.com/vulnerability/330359fa-d085-4923-b5a8-c0e2e5267247/
@@ -100287,8 +100331,11 @@ CVE-2024-6531 - https://www.herodevs.com/vulnerability-directory/cve-2024-6531
 CVE-2024-6533 - https://fluidattacks.com/advisories/bocelli
 CVE-2024-6534 - https://fluidattacks.com/advisories/capaldi
 CVE-2024-6536 - https://wpscan.com/vulnerability/ee40c1c6-4186-4b97-866c-fb0e76cedeb8/
+CVE-2024-6649 - https://github.com/Xu-Mingming/cve/blob/main/csrf1.md
+CVE-2024-6650 - https://github.com/Xu-Mingming/cve/blob/main/xss1.md
 CVE-2024-6651 - https://wpscan.com/vulnerability/65e2c77d-09bd-4a44-81d9-d7a5db0e0f84/
 CVE-2024-6652 - https://github.com/littletree7/cve/issues/1
+CVE-2024-6653 - https://github.com/hantianj/cve/issues/1
 CVE-2024-6695 - https://wpscan.com/vulnerability/4afa5c85-ce27-4ca7-bba2-61fb39c53a5b/
 CVE-2024-6706 - https://korelogic.com/Resources/Advisories/KL-001-2024-005.txt
 CVE-2024-6707 - https://korelogic.com/Resources/Advisories/KL-001-2024-006.txt
@@ -100297,6 +100344,7 @@ CVE-2024-6715 - https://wpscan.com/vulnerability/19406acc-3441-4d4a-9163-ace8f1d
 CVE-2024-6716 - https://gitlab.com/libtiff/libtiff/-/issues/620
 CVE-2024-6720 - https://wpscan.com/vulnerability/d1449be1-ae85-46f4-b5ba-390d25b87723/
 CVE-2024-6724 - https://wpscan.com/vulnerability/0cb3158a-263d-4c4a-8029-62b453c281cb/
+CVE-2024-6728 - https://github.com/jeery0/cve/issues/1
 CVE-2024-6729 - https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6729
 CVE-2024-6729 - https://reports-kunull.vercel.app/CVEs/2024/CVE-2024-6729
 CVE-2024-6731 - https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6731
@@ -100304,19 +100352,26 @@ CVE-2024-6731 - https://reports-kunull.vercel.app/CVEs/2024/CVE-2024-6731
 CVE-2024-6732 - https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6732
 CVE-2024-6732 - https://reports-kunull.vercel.app/CVEs/2024/CVE-2024-6732
 CVE-2024-6732 - https://vuldb.com/?submit.374370
+CVE-2024-6733 - https://github.com/jiaoyanshuai/cve/issues/1
+CVE-2024-6734 - https://github.com/jiaoyanshuai/cve/issues/2
+CVE-2024-6735 - https://github.com/xzyxiaohaha/cve/issues/1
 CVE-2024-6745 - https://github.com/xzyxiaohaha/cve/issues/2
+CVE-2024-6746 - https://github.com/NaiboWang/EasySpider/issues/466
 CVE-2024-6766 - https://wpscan.com/vulnerability/77bb1dcf-4e84-497a-955e-f3c0b649ad1c/
 CVE-2024-6768 - https://www.fortra.com/security/advisories/research/fr-2024-001
 CVE-2024-6781 - https://starlabs.sg/advisories/24/24-6781/
 CVE-2024-6782 - https://starlabs.sg/advisories/24/24-6782/
 CVE-2024-6783 - https://www.herodevs.com/vulnerability-directory/cve-2024-6783---vue-client-side-xss
+CVE-2024-6801 - https://github.com/aaajuna/demo/issues/1
 CVE-2024-6802 - https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6802
 CVE-2024-6802 - https://reports-kunull.vercel.app/CVEs/2024/CVE-2024-6802
+CVE-2024-6803 - https://github.com/hzy11111111/cve/issues/3
 CVE-2024-6807 - https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6807
 CVE-2024-6807 - https://reports-kunull.vercel.app/CVEs/2024/CVE-2024-6807
 CVE-2024-6808 - https://github.com/qianqiusujiu/cve/issues/1
 CVE-2024-6843 - https://wpscan.com/vulnerability/9a5cb440-065a-445a-9a09-55bd5f782e85/
 CVE-2024-6847 - https://wpscan.com/vulnerability/baa860bb-3b7d-438a-ad54-92bf8e21e851/
+CVE-2024-6848 - https://github.com/BoldGrid/post-and-page-builder/issues/612
 CVE-2024-6884 - https://wpscan.com/vulnerability/1768de0c-e4ea-4c98-abf1-7ac805f214b8/
 CVE-2024-6890 - https://korelogic.com/Resources/Advisories/KL-001-2024-007.txt
 CVE-2024-6891 - https://korelogic.com/Resources/Advisories/KL-001-2024-008.txt
@@ -100328,9 +100383,11 @@ CVE-2024-6912 - http://seclists.org/fulldisclosure/2024/Jul/13
 CVE-2024-6912 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-perten-processplus/
 CVE-2024-6913 - http://seclists.org/fulldisclosure/2024/Jul/13
 CVE-2024-6913 - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-perten-processplus/
+CVE-2024-6923 - https://github.com/python/cpython/pull/122233
 CVE-2024-6932 - https://github.com/Hebing123/cve/issues/42
 CVE-2024-6933 - https://github.com/Hebing123/cve/issues/55
 CVE-2024-6934 - https://github.com/DeepMountains/Mirage/blob/main/CVE-2.md
+CVE-2024-6937 - https://github.com/DeepMountains/Mirage/blob/main/CVE2-3.md
 CVE-2024-6938 - https://github.com/siyuan-note/siyuan/issues/11650
 CVE-2024-6938 - https://github.com/siyuan-note/siyuan/issues/11949
 CVE-2024-6939 - https://github.com/rainrocka/xinhu/issues/7
@@ -100342,9 +100399,13 @@ CVE-2024-6952 - https://github.com/DeepMountains/Mirage/blob/main/CVE6-1.md
 CVE-2024-6953 - https://github.com/333-uit/CVE/issues/1
 CVE-2024-6956 - https://github.com/DeepMountains/Mirage/blob/main/CVE6-2.md
 CVE-2024-6957 - https://github.com/DeepMountains/Mirage/blob/main/CVE6-3.md
+CVE-2024-6958 - https://github.com/DeepMountains/Mirage/blob/main/CVE6-4.md
 CVE-2024-6960 - https://research.jfrog.com/vulnerabilities/h2o-model-deserialization-rce-jfsa-2024-001035518/
 CVE-2024-6961 - https://research.jfrog.com/vulnerabilities/guardrails-rail-xxe-jfsa-2024-001035519/
+CVE-2024-6962 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/formQosSet.md
 CVE-2024-6963 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/formexeCommand.md
+CVE-2024-6964 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/fromDhcpSetSer.md
+CVE-2024-6965 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/O3V2.0/fromVirtualSet.md
 CVE-2024-6966 - https://github.com/HermesCui/CVE/issues/1
 CVE-2024-6967 - https://github.com/rtsjx-cve/cve/blob/main/sql.md
 CVE-2024-6984 - https://github.com/juju/juju/security/advisories/GHSA-6vjm-54vp-mxhx
@@ -100620,5 +100681,6 @@ CVE-2024-7897 - https://gist.github.com/b0rgch3n/bb47a1ed6f66c1e8c7a80f210f4ac8e
 CVE-2024-7898 - https://gist.github.com/b0rgch3n/3136cad95b09e42184fb2d78aae33651
 CVE-2024-7900 - https://github.com/DeepMountains/Mirage/blob/main/CVE16-1.md
 CVE-2024-7900 - https://github.com/DeepMountains/Mirage/blob/main/CVE16-2.md
+CVE-2024-7954 - https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather/
 CVE-2024-8003 - https://vuldb.com/?submit.393987
 CVE-2024-8072 - https://research.jfrog.com/vulnerabilities/mage-ai-terminal-server-infoleak-jfsa-2024-001039574/