diff --git a/2007/CVE-2007-2426.md b/2007/CVE-2007-2426.md index 644c74d661..308e3773e7 100644 --- a/2007/CVE-2007-2426.md +++ b/2007/CVE-2007-2426.md @@ -14,5 +14,6 @@ PHP remote file inclusion vulnerability in myfunctions/mygallerybrowser.php in t #### Github - https://github.com/ARPSyndicate/cvemon +- https://github.com/goudunz1/CVE-2007-2426 - https://github.com/warriordog/little-log-scan diff --git a/2009/CVE-2009-4762.md b/2009/CVE-2009-4762.md new file mode 100644 index 0000000000..3923332ad8 --- /dev/null +++ b/2009/CVE-2009-4762.md @@ -0,0 +1,17 @@ +### [CVE-2009-4762](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4762) +![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen) + +### Description + +MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended access restrictions by requesting an item, a different vulnerability than CVE-2008-6603. + +### POC + +#### Reference +- http://ubuntu.com/usn/usn-941-1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2011/CVE-2011-2938.md b/2011/CVE-2011-2938.md index 9a1cb967fd..4db3f2845c 100644 --- a/2011/CVE-2011-2938.md +++ b/2011/CVE-2011-2938.md @@ -12,6 +12,7 @@ Multiple cross-site scripting (XSS) vulnerabilities in filter_api.php in MantisB #### Reference - http://packetstormsecurity.org/files/104149 - http://securityreason.com/securityalert/8391 +- https://bugzilla.redhat.com/show_bug.cgi?id=731777 #### Github No PoCs found on GitHub currently. diff --git a/2014/CVE-2014-0160.md b/2014/CVE-2014-0160.md index 0a0cf5c945..1fb8033b61 100644 --- a/2014/CVE-2014-0160.md +++ b/2014/CVE-2014-0160.md 
@@ -402,6 +402,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p - https://github.com/luciusmona/NSAKEY-OpenVPN-install - https://github.com/madhavmehndiratta/Google-Code-In-2019 - https://github.com/mahyarx/pentest-tools +- https://github.com/maitejartf/awesome-security - https://github.com/majidkalantarii/WebHacking - https://github.com/marianobarrios/tls-channel - https://github.com/marrocamp/Impressionante-pentest diff --git a/2014/CVE-2014-6271.md b/2014/CVE-2014-6271.md index 87e6fd83ab..ce44a1189a 100644 --- a/2014/CVE-2014-6271.md +++ b/2014/CVE-2014-6271.md @@ -461,6 +461,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th - https://github.com/loyality7/Awesome-Cyber - https://github.com/lp008/Hack-readme - https://github.com/mahyarx/pentest-tools +- https://github.com/maitejartf/awesome-security - https://github.com/majidkalantarii/WebHacking - https://github.com/make0day/pentest - https://github.com/maragard/genestealer diff --git a/2019/CVE-2019-11447.md b/2019/CVE-2019-11447.md index c79a712f51..066ce11ca5 100644 --- a/2019/CVE-2019-11447.md +++ b/2019/CVE-2019-11447.md @@ -24,6 +24,7 @@ An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate th - https://github.com/CRFSlick/CVE-2019-11447-POC - https://github.com/ColdFusionX/CVE-2019-11447_CuteNews-AvatarUploadRCE - https://github.com/Meowmycks/OSCPprep-Cute +- https://github.com/Mr-Tree-S/POC_EXP - https://github.com/anquanscan/sec-tools - https://github.com/developer3000S/PoC-in-GitHub - https://github.com/dinesh876/CVE-2019-11447-POC diff --git a/2022/CVE-2022-1751.md b/2022/CVE-2022-1751.md new file mode 100644 index 0000000000..290e88d2ca --- /dev/null +++ b/2022/CVE-2022-1751.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-1751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1751) +![](https://img.shields.io/static/v1?label=Product&message=Skitter%20Slideshow&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.5.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%20Server-Side%20Request%20Forgery%20(SSRF)&color=brighgreen) + +### Description + +The Skitter Slideshow plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5.2 via the /image.php file. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2022/CVE-2022-4532.md b/2022/CVE-2022-4532.md new file mode 100644 index 0000000000..7b35dc003a --- /dev/null +++ b/2022/CVE-2022-4532.md 
@@ -0,0 +1,17 @@ +### [CVE-2022-4532](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4532) +![](https://img.shields.io/static/v1?label=Product&message=LOGIN%20AND%20REGISTRATION%20ATTEMPTS%20LIMIT&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-348%20Use%20of%20Less%20Trusted%20Source&color=brighgreen) + +### Description + +The LOGIN AND REGISTRATION ATTEMPTS LIMIT plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address from logging in. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-0714.md b/2023/CVE-2023-0714.md new file mode 100644 index 0000000000..1f28135885 --- /dev/null +++ b/2023/CVE-2023-0714.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-0714](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0714) +![](https://img.shields.io/static/v1?label=Product&message=MetForm%20%E2%80%93%20Contact%20Form%2C%20Survey%2C%20Quiz%2C%20%26%20Custom%20Form%20Builder%20for%20Elementor&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%203.2.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload%20of%20File%20with%20Dangerous%20Type&color=brighgreen) + +### Description + +The Metform Elementor Contact Form Builder for WordPress is vulnerable to Arbitrary File Upload due to insufficient file type validation in versions up to, and including, 3.2.4. This allows unauthenticated visitors to perform a "double extension" attack and upload files containing a malicious extension but ending with a benign extension, which may make remote code execution possible in some configurations. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-1604.md b/2023/CVE-2023-1604.md new file mode 100644 index 0000000000..fc2f1dfc59 --- /dev/null +++ b/2023/CVE-2023-1604.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-1604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1604) +![](https://img.shields.io/static/v1?label=Product&message=Short%20URL&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.6.8%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. This is due to missing or incorrect nonce validation on the configuration_page function. This makes it possible for unauthenticated attackers to add and import redirects, including comments containing cross-site scripting as detailed in CVE-2023-1602, granted they can trick a site administrator into performing an action such as clicking on a link. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-3408.md b/2023/CVE-2023-3408.md new file mode 100644 index 0000000000..2dbbf7030e --- /dev/null +++ b/2023/CVE-2023-3408.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3408](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3408) +![](https://img.shields.io/static/v1?label=Product&message=Bricks&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.8.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'save_settings' function. This makes it possible for unauthenticated attackers to modify the theme's settings, including enabling a setting which allows lower-privileged users such as contributors to perform code execution, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-3409.md b/2023/CVE-2023-3409.md new file mode 100644 index 0000000000..e9536bd1d8 --- /dev/null +++ b/2023/CVE-2023-3409.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3409](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3409) +![](https://img.shields.io/static/v1?label=Product&message=Bricks&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.8.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery%20(CSRF)&color=brighgreen) + +### Description + +The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'reset_settings' function. This makes it possible for unauthenticated attackers to reset the theme's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-3416.md b/2023/CVE-2023-3416.md new file mode 100644 index 0000000000..17b62b531a --- /dev/null +++ b/2023/CVE-2023-3416.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3416](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3416) +![](https://img.shields.io/static/v1?label=Product&message=tagDiv%20Opt-In%20Builder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.4.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'subscriptionCouponId' parameter via the 'create_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-3419.md b/2023/CVE-2023-3419.md new file mode 100644 index 0000000000..e477cba03b --- /dev/null +++ b/2023/CVE-2023-3419.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-3419](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3419) +![](https://img.shields.io/static/v1?label=Product&message=tagDiv%20Opt-In%20Builder&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.4.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen) + +### Description + +The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'couponId' parameter of the 'recreate_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with administrator-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-3521.md b/2023/CVE-2023-3521.md index c559ca3479..a32376762f 100644 --- a/2023/CVE-2023-3521.md +++ b/2023/CVE-2023-3521.md @@ -13,5 +13,5 @@ Cross-site Scripting (XSS) - Reflected in GitHub repository fossbilling/fossbill - https://huntr.dev/bounties/76a3441d-7f75-4a8d-a7a0-95a7f5456eb0 #### Github -No PoCs found on GitHub currently. +- https://github.com/20142995/nuclei-templates diff --git a/2023/CVE-2023-39351.md b/2023/CVE-2023-39351.md index 582c70bf76..4d00b6e656 100644 --- a/2023/CVE-2023-39351.md +++ b/2023/CVE-2023-39351.md 
@@ -13,5 +13,5 @@ FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released - https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-q9x9-cqjc-rgwq #### Github -No PoCs found on GitHub currently. +- https://github.com/DiRaltvein/memory-corruption-examples diff --git a/2023/CVE-2023-4024.md b/2023/CVE-2023-4024.md new file mode 100644 index 0000000000..206efe02b5 --- /dev/null +++ b/2023/CVE-2023-4024.md @@ -0,0 +1,17 @@ +### [CVE-2023-4024](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4024) +![](https://img.shields.io/static/v1?label=Product&message=Radio%20Player%20%E2%80%93%20Live%20Shoutcast%2C%20Icecast%20and%20Any%20Audio%20Stream%20Player%20for%20WordPress&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.0.73%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to delete player instances. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-4025.md b/2023/CVE-2023-4025.md new file mode 100644 index 0000000000..6fa778705a --- /dev/null +++ b/2023/CVE-2023-4025.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-4025](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4025) +![](https://img.shields.io/static/v1?label=Product&message=Radio%20Player%20%E2%80%93%20Live%20Shoutcast%2C%20Icecast%20and%20Any%20Audio%20Stream%20Player%20for%20WordPress&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.0.73%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_player function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update player instances. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-4027.md b/2023/CVE-2023-4027.md new file mode 100644 index 0000000000..f037477310 --- /dev/null +++ b/2023/CVE-2023-4027.md @@ -0,0 +1,17 @@ +### [CVE-2023-4027](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4027) +![](https://img.shields.io/static/v1?label=Product&message=Radio%20Player%20%E2%80%93%20Live%20Shoutcast%2C%20Icecast%20and%20Any%20Audio%20Stream%20Player%20for%20WordPress&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.0.73%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The Radio Player plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_settings function in versions up to, and including, 2.0.73. This makes it possible for unauthenticated attackers to update plugin settings. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + 
diff --git a/2023/CVE-2023-4507.md b/2023/CVE-2023-4507.md new file mode 100644 index 0000000000..6a009d82a7 --- /dev/null +++ b/2023/CVE-2023-4507.md @@ -0,0 +1,17 @@ +### [CVE-2023-4507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4507) +![](https://img.shields.io/static/v1?label=Product&message=Admission%20AppManager&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.0.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Admission AppManager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-4604.md b/2023/CVE-2023-4604.md new file mode 100644 index 0000000000..e8a558c3fb --- /dev/null +++ b/2023/CVE-2023-4604.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-4604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4604) +![](https://img.shields.io/static/v1?label=Product&message=Slideshow%2C%20Image%20Slider%20by%202J&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.3.54%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The Slideshow, Image Slider by 2J plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘post’ parameter in versions up to, and including, 1.3.54 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-4730.md b/2023/CVE-2023-4730.md new file mode 100644 index 0000000000..66fcf20de9 --- /dev/null +++ b/2023/CVE-2023-4730.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-4730](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4730) +![](https://img.shields.io/static/v1?label=Product&message=LadiApp%3A%20Landing%20Page%2C%20PopupX%2C%20Marketing%20Automation%2C%20Affiliate%20Marketing%E2%80%A6&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%204.3%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The LadiApp plugn for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the init_endpoint() function hooked via 'init' in versions up to, and including, 4.3. This makes it possible for unauthenticated attackers to modify a variety of settings. An attacker can directly modify the 'ladipage_key' which enables them to create new posts on the website and inject malicious web scripts. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2023/CVE-2023-5505.md b/2023/CVE-2023-5505.md new file mode 100644 index 0000000000..19ca7c58ad --- /dev/null +++ b/2023/CVE-2023-5505.md 
@@ -0,0 +1,17 @@ +### [CVE-2023-5505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5505) +![](https://img.shields.io/static/v1?label=Product&message=BackWPup%20%E2%80%93%20WordPress%20Backup%20%26%20Restore%20Plugin&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%204.0.1%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen) + +### Description + +The BackWPup plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.0.1 via the job-specific backup folder. This allows authenticated attackers to store backups in arbitrary folders on the server provided they can be written to by the server. Additionally, default settings will place an index.php and a .htaccess file into the chosen directory (unless already present) when the first backup job is run that are intended to prevent directory listing and file access. This means that an attacker could set the backup directory to the root of another site in a shared environment and thus disable that site. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2024/CVE-2024-36991.md b/2024/CVE-2024-36991.md index 0fda23b7d5..444ddccaa8 100644 --- a/2024/CVE-2024-36991.md +++ b/2024/CVE-2024-36991.md @@ -13,6 +13,7 @@ In Splunk Enterprise on Windows versions below 9.2.2, 9.1.5, and 9.0.10, an atta No PoCs from references. #### Github +- https://github.com/0xMarcio/cve - https://github.com/Ostorlab/KEV - https://github.com/nomi-sec/PoC-in-GitHub - https://github.com/onewinner/POCS diff --git a/2024/CVE-2024-38021.md b/2024/CVE-2024-38021.md index f6745249df..f8d7a54b92 100644 --- a/2024/CVE-2024-38021.md +++ b/2024/CVE-2024-38021.md 
@@ -19,4 +19,5 @@ No PoCs from references. #### Github - https://github.com/cybereagle2001/KQL-Security-Querries +- https://github.com/delivr-to/detections diff --git a/2024/CVE-2024-38063.md b/2024/CVE-2024-38063.md index 22c6c6a261..734f688e04 100644 --- a/2024/CVE-2024-38063.md +++ b/2024/CVE-2024-38063.md @@ -55,5 +55,6 @@ No PoCs from references. - https://github.com/being1943/my_rss_reader - https://github.com/kherrick/hacker-news - https://github.com/nomi-sec/PoC-in-GitHub +- https://github.com/tanjiti/sec_profile - https://github.com/zhaoolee/garss diff --git a/2024/CVE-2024-38475.md b/2024/CVE-2024-38475.md new file mode 100644 index 0000000000..39504934cd --- /dev/null +++ b/2024/CVE-2024-38475.md @@ -0,0 +1,17 @@ +### [CVE-2024-38475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38475) +![](https://img.shields.io/static/v1?label=Product&message=Apache%20HTTP%20Server&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=2.4.0%3C%3D%202.4.59%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-116%20Improper%20Encoding%20or%20Escaping%20of%20Output&color=brighgreen) + +### Description + +Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to map URLs to filesystem locations that are permitted to be served by the server but are not intentionally/directly reachable by any URL, resulting in code execution or source code disclosure. Substitutions in server context that use a backreferences or variables as the first segment of the substitution are affected.  Some unsafe RewiteRules will be broken by this change and the rewrite flag "UnsafePrefixStat" can be used to opt back in once ensuring the substitution is appropriately constrained. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + 
diff --git a/2024/CVE-2024-40776.md b/2024/CVE-2024-40776.md index 0e21461074..ef2a8e8f8b 100644 --- a/2024/CVE-2024-40776.md +++ b/2024/CVE-2024-40776.md @@ -20,6 +20,8 @@ A use-after-free issue was addressed with improved memory management. This issue #### Reference - http://seclists.org/fulldisclosure/2024/Jul/15 - http://seclists.org/fulldisclosure/2024/Jul/16 +- http://seclists.org/fulldisclosure/2024/Jul/17 +- http://seclists.org/fulldisclosure/2024/Jul/18 #### Github No PoCs found on GitHub currently. diff --git a/2024/CVE-2024-40779.md b/2024/CVE-2024-40779.md index 0eab49a557..c05e5ced48 100644 --- a/2024/CVE-2024-40779.md +++ b/2024/CVE-2024-40779.md @@ -20,6 +20,8 @@ An out-of-bounds read was addressed with improved bounds checking. This issue is #### Reference - http://seclists.org/fulldisclosure/2024/Jul/15 - http://seclists.org/fulldisclosure/2024/Jul/16 +- http://seclists.org/fulldisclosure/2024/Jul/17 +- http://seclists.org/fulldisclosure/2024/Jul/18 #### Github No PoCs found on GitHub currently. diff --git a/2024/CVE-2024-40780.md b/2024/CVE-2024-40780.md index 9c7864b5c3..cfdd5ee5a9 100644 --- a/2024/CVE-2024-40780.md +++ b/2024/CVE-2024-40780.md @@ -20,6 +20,8 @@ An out-of-bounds read was addressed with improved bounds checking. This issue is #### Reference - http://seclists.org/fulldisclosure/2024/Jul/15 - http://seclists.org/fulldisclosure/2024/Jul/16 +- http://seclists.org/fulldisclosure/2024/Jul/17 +- http://seclists.org/fulldisclosure/2024/Jul/18 #### Github No PoCs found on GitHub currently. diff --git a/2024/CVE-2024-41660.md b/2024/CVE-2024-41660.md new file mode 100644 index 0000000000..3e2a84f4aa --- /dev/null +++ b/2024/CVE-2024-41660.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-41660](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41660) +![](https://img.shields.io/static/v1?label=Product&message=slpd-lite&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%20all%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%3A%20Buffer%20Copy%20without%20Checking%20Size%20of%20Input%20('Classic%20Buffer%20Overflow')&color=brighgreen) + +### Description + +slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon on the BMC. Patches will be available in the latest openbmc/slpd-lite repository. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/tanjiti/sec_profile + diff --git a/2024/CVE-2024-42318.md b/2024/CVE-2024-42318.md index 8b468a7fc2..c4aa661540 100644 --- a/2024/CVE-2024-42318.md +++ b/2024/CVE-2024-42318.md @@ -10,7 +10,8 @@ In the Linux kernel, the following vulnerability has been resolved:landlock: Don ### POC #### Reference -No PoCs from references. +- https://lore.kernel.org/all/20240817.shahka3Ee1iy@digikod.net/ +- https://www.openwall.com/lists/oss-security/2024/08/17/2 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-5420.md b/2024/CVE-2024-5420.md index 0ccceebcb4..516aff7b06 100644 --- a/2024/CVE-2024-5420.md +++ b/2024/CVE-2024-5420.md @@ -16,5 +16,5 @@ Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computer - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html #### Github -No PoCs found on GitHub currently. +- https://github.com/20142995/nuclei-templates diff --git a/2024/CVE-2024-5421.md b/2024/CVE-2024-5421.md index 0318228471..31f4df8645 100644 
--- a/2024/CVE-2024-5421.md +++ b/2024/CVE-2024-5421.md @@ -16,5 +16,5 @@ Missing input validation and OS command integration of the input in the utnserve - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html #### Github -No PoCs found on GitHub currently. +- https://github.com/20142995/nuclei-templates diff --git a/2024/CVE-2024-6043.md b/2024/CVE-2024-6043.md index 27c758d485..a033238642 100644 --- a/2024/CVE-2024-6043.md +++ b/2024/CVE-2024-6043.md @@ -13,5 +13,5 @@ A vulnerability classified as critical has been found in SourceCodester Best Hou - https://github.com/yezzzo/y3/blob/main/SourceCodester%20Best%20house%20rental%20management%20system%20project%20in%20php%201.0%20SQL%20Injection.md #### Github -No PoCs found on GitHub currently. +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-6500.md b/2024/CVE-2024-6500.md new file mode 100644 index 0000000000..c730bc624d --- /dev/null +++ b/2024/CVE-2024-6500.md 
@@ -0,0 +1,19 @@ +### [CVE-2024-6500](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6500) +![](https://img.shields.io/static/v1?label=Product&message=InPost%20PL&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=InPost%20for%20WooCommerce&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.4.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.4.4%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen) + +### Description + +The InPost for WooCommerce plugin and InPost PL plugin for WordPress are vulnerable to unauthorized access and deletion of data due to a missing capability check on the 'parse_request' function in all versions up to, and including, 1.4.0 (for InPost for WooCommerce) as well as 1.4.4 (for InPost PL). This makes it possible for unauthenticated attackers to read and delete arbitrary files on Windows servers. On Linux servers, only files within the WordPress install will be deleted, but all files can be read. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates + diff --git a/2024/CVE-2024-6893.md b/2024/CVE-2024-6893.md index 9ab15fbdbf..50007225b7 100644 --- a/2024/CVE-2024-6893.md +++ b/2024/CVE-2024-6893.md @@ -13,5 +13,6 @@ The "soap_cgi.pyc" API handler allows the XML body of SOAP requests to contain r - https://korelogic.com/Resources/Advisories/KL-001-2024-010.txt #### Github +- https://github.com/20142995/nuclei-templates - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-7094.md b/2024/CVE-2024-7094.md index c552d556e7..74a25af952 100644 --- a/2024/CVE-2024-7094.md +++ b/2024/CVE-2024-7094.md 
@@ -15,4 +15,5 @@ No PoCs from references. #### Github - https://github.com/20142995/nuclei-templates - https://github.com/fkie-cad/nvd-json-data-feeds +- https://github.com/nomi-sec/PoC-in-GitHub diff --git a/2024/CVE-2024-7646.md b/2024/CVE-2024-7646.md new file mode 100644 index 0000000000..c53676899f --- /dev/null +++ b/2024/CVE-2024-7646.md @@ -0,0 +1,17 @@ +### [CVE-2024-7646](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7646) +![](https://img.shields.io/static/v1?label=Product&message=ingress-nginx&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen) + +### Description + +A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-7703.md b/2024/CVE-2024-7703.md new file mode 100644 index 0000000000..566237308d --- /dev/null +++ b/2024/CVE-2024-7703.md 
@@ -0,0 +1,19 @@ +### [CVE-2024-7703](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7703) +![](https://img.shields.io/static/v1?label=Product&message=ARMember%20%E2%80%93%20Membership%20Plugin%2C%20Content%20Restriction%2C%20Member%20Levels%2C%20User%20Profile%20%26%20User%20signup&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%204.0.37%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen) + +### Description + +The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/20142995/nuclei-templates +- https://github.com/lfillaz/CVE-2024-7703 +- https://github.com/nomi-sec/PoC-in-GitHub + diff --git a/2024/CVE-2024-7738.md b/2024/CVE-2024-7738.md new file mode 100644 index 0000000000..2d4fb5d0e9 --- /dev/null +++ b/2024/CVE-2024-7738.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-7738](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7738) +![](https://img.shields.io/static/v1?label=Product&message=vscode-markdown-pdf&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.5.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-21%20Pathname%20Traversal&color=brighgreen) + +### Description + +A vulnerability, which was classified as problematic, has been found in yzane vscode-markdown-pdf 1.5.0. Affected by this issue is some unknown functionality of the component Markdown File Handler. The manipulation leads to pathname traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Arbitrary%20File%20Read/file_read_report.md +- https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Arbitrary%20File%20Read/poc_arbitrary_file_read.mp4 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7739.md b/2024/CVE-2024-7739.md new file mode 100644 index 0000000000..db342752a5 --- /dev/null +++ b/2024/CVE-2024-7739.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-7739](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7739) +![](https://img.shields.io/static/v1?label=Product&message=vscode-markdown-pdf&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.5.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability, which was classified as problematic, was found in yzane vscode-markdown-pdf 1.5.0. This affects an unknown part. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Script%20Injection/poc_script_inject.mp4 +- https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Script%20Injection/script_injection_report.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7742.md b/2024/CVE-2024-7742.md new file mode 100644 index 0000000000..49c66cb3f1 --- /dev/null +++ b/2024/CVE-2024-7742.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7742](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7742) +![](https://img.shields.io/static/v1?label=Product&message=ltcms&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0.20%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-918%20Server-Side%20Request%20Forgery&color=brighgreen) + +### Description + +A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected is the function multiDownload of the file /api/file/multiDownload of the component API Endpoint. The manipulation of the argument file leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/DeepMountains/Mirage/blob/main/CVE14-3.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7750.md b/2024/CVE-2024-7750.md new file mode 100644 index 0000000000..8958524901 --- /dev/null +++ b/2024/CVE-2024-7750.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7750](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7750) +![](https://img.shields.io/static/v1?label=Product&message=Clinics%20Patient%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability has been found in SourceCodester Clinics Patient Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /medicines.php. The manipulation of the argument medicine_name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Clinic's_sql.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7754.md b/2024/CVE-2024-7754.md new file mode 100644 index 0000000000..9cd6c5f621 --- /dev/null +++ b/2024/CVE-2024-7754.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7754](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7754) +![](https://img.shields.io/static/v1?label=Product&message=Clinics%20Patient%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /ajax/check_medicine_name.php. The manipulation of the argument user_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Clinic's_sql3.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7793.md b/2024/CVE-2024-7793.md new file mode 100644 index 0000000000..a75b77e10e --- /dev/null +++ b/2024/CVE-2024-7793.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7793](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7793) +![](https://img.shields.io/static/v1?label=Product&message=Task%20Progress%20Tracker&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Task Progress Tracker 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-task.php. The manipulation of the argument task_name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/joinia/webray.com.cn/blob/main/Task-Progress-Tracker/Task-Progress-Trackerxss.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7798.md b/2024/CVE-2024-7798.md new file mode 100644 index 0000000000..f9fdef9cd0 --- /dev/null +++ b/2024/CVE-2024-7798.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7798) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Bidding%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=login2. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Sourcecoster_sql2.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7799.md b/2024/CVE-2024-7799.md new file mode 100644 index 0000000000..a063d1d412 --- /dev/null +++ b/2024/CVE-2024-7799.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7799](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7799) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Bidding%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /simple-online-bidding-system/bidding/admin/users.php. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Sourcecoster_unauthorized.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7800.md b/2024/CVE-2024-7800.md new file mode 100644 index 0000000000..697210fe29 --- /dev/null +++ b/2024/CVE-2024-7800.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7800](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7800) +![](https://img.shields.io/static/v1?label=Product&message=Simple%20Online%20Bidding%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in SourceCodester Simple Online Bidding System 1.0. This affects an unknown part of the file /simple-online-bidding-system/bidding/admin/ajax.php?action=delete_product. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Sourcecoster_sql3.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7808.md b/2024/CVE-2024-7808.md new file mode 100644 index 0000000000..6a333b494e --- /dev/null +++ b/2024/CVE-2024-7808.md @@ -0,0 +1,17 @@ +### [CVE-2024-7808](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7808) +![](https://img.shields.io/static/v1?label=Product&message=Job%20Portal&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in code-projects Job Portal 1.0. It has been classified as critical. Affected is an unknown function of the file logindbc.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/XYgit-99/cve/issues/1 + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-7809.md b/2024/CVE-2024-7809.md new file mode 100644 index 0000000000..7cc86c8496 --- /dev/null +++ b/2024/CVE-2024-7809.md @@ -0,0 +1,17 @@ +### [CVE-2024-7809](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7809) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Graduate%20Tracer%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-548%20Exposure%20of%20Information%20Through%20Directory%20Listing&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/nbproject/. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Tracer_mu.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7812.md b/2024/CVE-2024-7812.md new file mode 100644 index 0000000000..b6de7ab0da --- /dev/null +++ b/2024/CVE-2024-7812.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7812](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7812) +![](https://img.shields.io/static/v1?label=Product&message=Best%20House%20Rental%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability classified as problematic was found in SourceCodester Best House Rental Management System 1.0. This vulnerability affects unknown code of the file /rental_0/rental/ajax.php?action=save_tenant of the component POST Parameter Handler. The manipulation of the argument lastname leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/lscjl/lsi.webray.com.cn/blob/main/CVE-project/rental%20management%20system%20Stored%20Cross-Site%20Scripting(XSS).md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7828.md b/2024/CVE-2024-7828.md new file mode 100644 index 0000000000..12e7c49cc7 --- /dev/null +++ b/2024/CVE-2024-7828.md 
@@ -0,0 +1,36 @@ +### [CVE-2024-7828](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7828) +![](https://img.shields.io/static/v1?label=Product&message=DNR-202L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNR-322L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNR-326&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-1100-4&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-120&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-1200-05&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-1550-04&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-315L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-320&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-320L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-320LW&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-321&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-323&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-325&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-326&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-327L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-340L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-343&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-345&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-726-4&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020240814%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%20Buffer%20Overflow&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED 
WHEN ASSIGNED ** A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. This vulnerability affects the function cgi_set_cover of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument album_name leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_set_cover.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7829.md b/2024/CVE-2024-7829.md index 11aa511891..bf2d9e5a51 100644 --- a/2024/CVE-2024-7829.md +++ b/2024/CVE-2024-7829.md @@ -29,7 +29,7 @@ ### POC #### Reference -No PoCs from references. +- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_del_photo.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-7830.md b/2024/CVE-2024-7830.md index ea03029194..67034c9b39 100644 --- a/2024/CVE-2024-7830.md +++ b/2024/CVE-2024-7830.md @@ -29,7 +29,7 @@ ### POC #### Reference -No PoCs from references. +- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_move_photo.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-7831.md b/2024/CVE-2024-7831.md index e16d519aa9..52a6e83429 100644 --- a/2024/CVE-2024-7831.md +++ b/2024/CVE-2024-7831.md 
@@ -29,7 +29,7 @@ ### POC #### Reference -No PoCs from references. +- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_cooliris.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-7832.md b/2024/CVE-2024-7832.md index 35878e33d2..aa01b1ca79 100644 --- a/2024/CVE-2024-7832.md +++ b/2024/CVE-2024-7832.md @@ -29,7 +29,7 @@ ### POC #### Reference -No PoCs from references. +- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_fullscreen_photos.md #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-7838.md b/2024/CVE-2024-7838.md new file mode 100644 index 0000000000..e5d996e575 --- /dev/null +++ b/2024/CVE-2024-7838.md @@ -0,0 +1,17 @@ +### [CVE-2024-7838](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7838) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Food%20Ordering%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in itsourcecode Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcategory.php. The manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/ppp-src/a/issues/1 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7839.md b/2024/CVE-2024-7839.md new file mode 100644 index 0000000000..f7da5ecbd4 --- /dev/null +++ b/2024/CVE-2024-7839.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7839](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7839) +![](https://img.shields.io/static/v1?label=Product&message=Billing%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in itsourcecode Billing System 1.0. This affects an unknown part of the file addbill.php. The manipulation of the argument owners_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/ppp-src/a/issues/2 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7841.md b/2024/CVE-2024-7841.md new file mode 100644 index 0000000000..26785e7cd3 --- /dev/null +++ b/2024/CVE-2024-7841.md @@ -0,0 +1,17 @@ +### [CVE-2024-7841](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7841) +![](https://img.shields.io/static/v1?label=Product&message=Clinics%20Patient%20Management%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in SourceCodester Clinics Patient Management System 1.0. This vulnerability affects unknown code of the file /pms/ajax/check_user_name.php. The manipulation of the argument user_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/qqlove555/cve/blob/main/sql.md + +#### Github +No PoCs found on GitHub currently. + 
diff --git a/2024/CVE-2024-7842.md b/2024/CVE-2024-7842.md new file mode 100644 index 0000000000..31f31395e8 --- /dev/null +++ b/2024/CVE-2024-7842.md @@ -0,0 +1,17 @@ +### [CVE-2024-7842](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7842) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Graduate%20Tracer%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Information%20Disclosure&color=brighgreen) + +### Description + +A vulnerability, which was classified as problematic, has been found in SourceCodester Online Graduate Tracer System 1.0. This issue affects some unknown processing of the file /tracking/admin/export_it.php. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Tracer_info.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7845.md b/2024/CVE-2024-7845.md new file mode 100644 index 0000000000..9d965b6b9c --- /dev/null +++ b/2024/CVE-2024-7845.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7845](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7845) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Graduate%20Tracer%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /tracking/admin/fetch_it.php. The manipulation of the argument request leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Tracer_sql2.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7849.md b/2024/CVE-2024-7849.md new file mode 100644 index 0000000000..02caafedcd --- /dev/null +++ b/2024/CVE-2024-7849.md 
@@ -0,0 +1,36 @@ +### [CVE-2024-7849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7849) +![](https://img.shields.io/static/v1?label=Product&message=DNR-202L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNR-322L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNR-326&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-1100-4&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-120&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-1200-05&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-1550-04&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-315L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-320&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-320L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-320LW&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-321&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-323&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-325&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-326&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-327L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-340L&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-343&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-345&color=blue) +![](https://img.shields.io/static/v1?label=Product&message=DNS-726-4&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%2020240814%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-120%20Buffer%20Overflow&color=brighgreen) + +### Description + +** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED 
WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. This affects the function cgi_create_album of the file /cgi-bin/photocenter_mgr.cgi. The manipulation of the argument current_path leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed that the product is end-of-life. It should be retired and replaced. + +### POC + +#### Reference +- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_album.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7851.md b/2024/CVE-2024-7851.md new file mode 100644 index 0000000000..ca8c767eb8 --- /dev/null +++ b/2024/CVE-2024-7851.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7851](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7851) +![](https://img.shields.io/static/v1?label=Product&message=Yoga%20Class%20Registration%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brighgreen) + +### Description + +A vulnerability has been found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /classes/Users.php?f=save of the component Add User Handler. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Yoga_add.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7852.md b/2024/CVE-2024-7852.md new file mode 100644 index 0000000000..6350bfb81d --- /dev/null +++ b/2024/CVE-2024-7852.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7852](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7852) +![](https://img.shields.io/static/v1?label=Product&message=Yoga%20Class%20Registration%20System&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/inquiries/view_inquiry.php. The manipulation of the argument message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. + +### POC + +#### Reference +- https://github.com/Wsstiger/cve/blob/main/Yoga_xss.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7887.md b/2024/CVE-2024-7887.md index ac23165ea2..5e95bd1d50 100644 --- a/2024/CVE-2024-7887.md +++ b/2024/CVE-2024-7887.md @@ -10,7 +10,7 @@ A vulnerability was found in LimeSurvey 6.3.0-231016 and classified as problemat ### POC #### Reference -No PoCs from references. +- https://github.com/Hebing123/cve/issues/67 #### Github - https://github.com/fkie-cad/nvd-json-data-feeds diff --git a/2024/CVE-2024-7896.md b/2024/CVE-2024-7896.md new file mode 100644 index 0000000000..1650e4d704 --- /dev/null +++ b/2024/CVE-2024-7896.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7896](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7896) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Store%20Management%20System%20%E3%83%8D%E3%83%83%E3%83%88%E5%BA%97%E8%88%97%E7%AE%A1%E7%90%86%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.02%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%20Command%20Injection&color=brighgreen) + +### Description + +A vulnerability was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cgi-bin/p1_ftpserver.php. The manipulation of the argument adr_txt leads to command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://gist.github.com/b0rgch3n/4788c7c429d49095915d84161a157295 + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-7897.md b/2024/CVE-2024-7897.md new file mode 100644 index 0000000000..d2268b6f6b --- /dev/null +++ b/2024/CVE-2024-7897.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7897](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7897) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Store%20Management%20System%20%E3%83%8D%E3%83%83%E3%83%88%E5%BA%97%E8%88%97%E7%AE%A1%E7%90%86%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.02%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%20Command%20Injection&color=brighgreen) + +### Description + +A vulnerability classified as critical has been found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This affects an unknown part of the file /cgi-bin/tosei_kikai.php. The manipulation of the argument kikaibangou leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://gist.github.com/b0rgch3n/bb47a1ed6f66c1e8c7a80f210f4ac8ef + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/2024/CVE-2024-7898.md b/2024/CVE-2024-7898.md new file mode 100644 index 0000000000..02b8e015ab --- /dev/null +++ b/2024/CVE-2024-7898.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7898](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7898) +![](https://img.shields.io/static/v1?label=Product&message=Online%20Store%20Management%20System%20%E3%83%8D%E3%83%83%E3%83%88%E5%BA%97%E8%88%97%E7%AE%A1%E7%90%86%E3%82%B7%E3%82%B9%E3%83%86%E3%83%A0&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%204.02%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-1392%20Use%20of%20Default%20Credentials&color=brighgreen) + +### Description + +A vulnerability classified as critical was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. This vulnerability affects unknown code of the component Backend. The manipulation leads to use of default credentials. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://gist.github.com/b0rgch3n/3136cad95b09e42184fb2d78aae33651 + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7900.md b/2024/CVE-2024-7900.md new file mode 100644 index 0000000000..5163371d23 --- /dev/null +++ b/2024/CVE-2024-7900.md 
@@ -0,0 +1,18 @@ +### [CVE-2024-7900](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7900) +![](https://img.shields.io/static/v1?label=Product&message=TpMeCMS&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%201.3.3.2%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen) + +### Description + +A vulnerability, which was classified as problematic, was found in xiaohe4966 TpMeCMS 1.3.3.2. Affected is an unknown function of the file /h.php/general/config?ref=addtabs of the component Basic Configuration Handler. The manipulation of the argument Site Name/Beian/Contact address/copyright/technical support leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +- https://github.com/DeepMountains/Mirage/blob/main/CVE16-1.md +- https://github.com/DeepMountains/Mirage/blob/main/CVE16-2.md + +#### Github +No PoCs found on GitHub currently. + diff --git a/2024/CVE-2024-7904.md b/2024/CVE-2024-7904.md new file mode 100644 index 0000000000..baa7d22646 --- /dev/null +++ b/2024/CVE-2024-7904.md 
@@ -0,0 +1,17 @@ +### [CVE-2024-7904](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7904) +![](https://img.shields.io/static/v1?label=Product&message=DedeBIZ&color=blue) +![](https://img.shields.io/static/v1?label=Version&message=%3D%206.3.0%20&color=brighgreen) +![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen) + +### Description + +A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/file_manage_control.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + +### POC + +#### Reference +No PoCs from references. + +#### Github +- https://github.com/fkie-cad/nvd-json-data-feeds + diff --git a/github.txt b/github.txt index 3274a381bc..8cf786aa5f 100644 --- a/github.txt +++ b/github.txt @@ -2049,6 +2049,7 @@ CVE-2007-2383 - https://github.com/sho-h/pkgvulscheck CVE-2007-2405 - https://github.com/0xCyberY/CVE-T4PDF CVE-2007-2405 - https://github.com/ARPSyndicate/cvemon CVE-2007-2426 - https://github.com/ARPSyndicate/cvemon +CVE-2007-2426 - https://github.com/goudunz1/CVE-2007-2426 CVE-2007-2426 - https://github.com/warriordog/little-log-scan CVE-2007-2438 - https://github.com/ARPSyndicate/cvemon CVE-2007-2438 - https://github.com/finagin/encyclopedia 
@@ -11909,6 +11910,7 @@ CVE-2014-0160 - https://github.com/loyality7/Awesome-Cyber CVE-2014-0160 - https://github.com/luciusmona/NSAKEY-OpenVPN-install CVE-2014-0160 - https://github.com/madhavmehndiratta/Google-Code-In-2019 CVE-2014-0160 - https://github.com/mahyarx/pentest-tools +CVE-2014-0160 - https://github.com/maitejartf/awesome-security CVE-2014-0160 - https://github.com/majidkalantarii/WebHacking CVE-2014-0160 - https://github.com/marianobarrios/tls-channel CVE-2014-0160 - https://github.com/marrocamp/Impressionante-pentest @@ -14481,6 +14483,7 @@ CVE-2014-6271 - https://github.com/louisdeck/empiricism CVE-2014-6271 - https://github.com/loyality7/Awesome-Cyber CVE-2014-6271 - https://github.com/lp008/Hack-readme CVE-2014-6271 - https://github.com/mahyarx/pentest-tools +CVE-2014-6271 - https://github.com/maitejartf/awesome-security CVE-2014-6271 - https://github.com/majidkalantarii/WebHacking CVE-2014-6271 - https://github.com/make0day/pentest CVE-2014-6271 - https://github.com/maragard/genestealer @@ -64774,6 +64777,7 @@ CVE-2019-11447 - https://github.com/ARPSyndicate/cvemon CVE-2019-11447 - https://github.com/CRFSlick/CVE-2019-11447-POC CVE-2019-11447 - https://github.com/ColdFusionX/CVE-2019-11447_CuteNews-AvatarUploadRCE CVE-2019-11447 - https://github.com/Meowmycks/OSCPprep-Cute +CVE-2019-11447 - https://github.com/Mr-Tree-S/POC_EXP CVE-2019-11447 - https://github.com/anquanscan/sec-tools CVE-2019-11447 - https://github.com/developer3000S/PoC-in-GitHub CVE-2019-11447 - https://github.com/dinesh876/CVE-2019-11447-POC 
@@ -123491,6 +123495,7 @@ CVE-2022-1732 - https://github.com/ARPSyndicate/cvemon CVE-2022-1737 - https://github.com/ARPSyndicate/cvemon CVE-2022-1737 - https://github.com/JoshuaMart/JoshuaMart CVE-2022-1748 - https://github.com/claroty/opcua-exploit-framework +CVE-2022-1751 - https://github.com/20142995/nuclei-templates CVE-2022-1756 - https://github.com/ARPSyndicate/cvemon CVE-2022-1757 - https://github.com/ARPSyndicate/cvemon CVE-2022-1758 - https://github.com/ARPSyndicate/cvemon @@ -141796,6 +141801,7 @@ CVE-2022-45299 - https://github.com/whoforget/CVE-POC CVE-2022-45299 - https://github.com/youwizard/CVE-POC CVE-2022-45313 - https://github.com/ARPSyndicate/cvemon CVE-2022-45313 - https://github.com/H4lo/awesome-IoT-security-article +CVE-2022-4532 - https://github.com/20142995/nuclei-templates CVE-2022-45320 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2022-45347 - https://github.com/Threekiii/CVE CVE-2022-45354 - https://github.com/RandomRobbieBF/CVE-2022-45354 @@ -143226,6 +143232,7 @@ CVE-2023-0701 - https://github.com/ARPSyndicate/cvemon CVE-2023-0702 - https://github.com/ARPSyndicate/cvemon CVE-2023-0704 - https://github.com/ARPSyndicate/cvemon CVE-2023-0705 - https://github.com/ARPSyndicate/cvemon +CVE-2023-0714 - https://github.com/20142995/nuclei-templates CVE-2023-0732 - https://github.com/ARPSyndicate/cvemon CVE-2023-0732 - https://github.com/Vinalti/cve-badge.li CVE-2023-0737 - https://github.com/bAuh0lz/Vulnerabilities @@ -143647,6 +143654,7 @@ CVE-2023-1595 - https://github.com/karimhabush/cyberowl CVE-2023-1596 - https://github.com/truocphan/VulnBox CVE-2023-1597 - https://github.com/truocphan/VulnBox CVE-2023-1598 - https://github.com/morpheuslord/CVE-llm_dataset +CVE-2023-1604 - https://github.com/20142995/nuclei-templates CVE-2023-1614 - https://github.com/ARPSyndicate/cvemon CVE-2023-1629 - https://github.com/ARPSyndicate/cvemon CVE-2023-1629 - https://github.com/zeze-zeze/WindowsKernelVuln 
@@ -149503,6 +149511,8 @@ CVE-2023-34062 - https://github.com/chainguard-dev/pombump CVE-2023-34062 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34062 - https://github.com/tanjiti/sec_profile CVE-2023-34062 - https://github.com/vaikas/pombump +CVE-2023-3408 - https://github.com/20142995/nuclei-templates +CVE-2023-3409 - https://github.com/20142995/nuclei-templates CVE-2023-34092 - https://github.com/FlapyPan/test-cve-2023-34092 CVE-2023-34092 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-34094 - https://github.com/aboutbo/aboutbo @@ -149523,6 +149533,7 @@ CVE-2023-34151 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34152 - https://github.com/SudoIndividual/CVE-2023-34152 CVE-2023-34152 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2023-34152 - https://github.com/overgrowncarrot1/ImageTragick_CVE-2023-34152 +CVE-2023-3416 - https://github.com/20142995/nuclei-templates CVE-2023-34164 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3417 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-34174 - https://github.com/hackintoanetwork/hackintoanetwork @@ -149531,6 +149542,7 @@ CVE-2023-3418 - https://github.com/NaInSec/CVE-LIST CVE-2023-34181 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2023-34185 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2023-34188 - https://github.com/narfindustries/http-garden +CVE-2023-3419 - https://github.com/20142995/nuclei-templates CVE-2023-34190 - https://github.com/LOURC0D3/LOURC0D3 CVE-2023-34192 - https://github.com/netlas-io/netlas-dorks CVE-2023-34197 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -149924,6 +149936,7 @@ CVE-2023-3519 - https://github.com/telekom-security/cve-2023-3519-citrix-scanner CVE-2023-3519 - https://github.com/whoami13apt/files2 CVE-2023-3519 - https://github.com/xaitax/cisa-catalog-known-vulnerabilities CVE-2023-35191 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-3521 - https://github.com/20142995/nuclei-templates CVE-2023-3528 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-3529 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-35311 - https://github.com/Douda/PSSymantecCloud @@ -151473,6 +151486,7 @@ CVE-2023-39326 - https://github.com/testing-felickz/docker-scout-demo CVE-2023-39336 - https://github.com/netlas-io/netlas-dorks CVE-2023-39341 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-39344 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-39351 - https://github.com/DiRaltvein/memory-corruption-examples CVE-2023-39357 - https://github.com/NaInSec/CVE-LIST CVE-2023-39360 - https://github.com/NaInSec/CVE-LIST CVE-2023-39361 - https://github.com/NaInSec/CVE-LIST @@ -151797,7 +151811,10 @@ CVE-2023-40217 - https://github.com/toxyl/lscve CVE-2023-40225 - https://github.com/narfindustries/http-garden CVE-2023-4023 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-40238 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-4024 - https://github.com/20142995/nuclei-templates +CVE-2023-4025 - https://github.com/20142995/nuclei-templates CVE-2023-40250 - https://github.com/c0m0r1/c0m0r1 +CVE-2023-4027 - https://github.com/20142995/nuclei-templates CVE-2023-40275 - https://github.com/BugBountyHunterCVE/CVE-2023-40275 CVE-2023-40275 - https://github.com/NaInSec/CVE-LIST CVE-2023-40275 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -153467,10 +153484,12 @@ CVE-2023-45052 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45055 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45060 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-45061 - https://github.com/20142995/nuclei-templates CVE-2023-45063 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45064 - https://github.com/hackintoanetwork/hackintoanetwork CVE-2023-45068 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45069 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-4507 - https://github.com/20142995/nuclei-templates CVE-2023-45074 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45102 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45103 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -153671,6 +153690,7 @@ CVE-2023-45648 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45648 - https://github.com/fractal-visi0n/security-assessement CVE-2023-45648 - https://github.com/muneebaashiq/MBProjects CVE-2023-45648 - https://github.com/tanjiti/sec_profile +CVE-2023-45649 - https://github.com/20142995/nuclei-templates CVE-2023-45650 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45651 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-45653 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -153858,6 +153878,7 @@ CVE-2023-46023 - https://github.com/ersinerenler/Code-Projects-Simple-Task-List- CVE-2023-46024 - https://github.com/ersinerenler/PHPGurukul-Teacher-Subject-Allocation-Management-System-1.0 CVE-2023-46025 - https://github.com/ersinerenler/PHPGurukul-Teacher-Subject-Allocation-Management-System-1.0 CVE-2023-46026 - https://github.com/ersinerenler/PHPGurukul-Teacher-Subject-Allocation-Management-System-1.0 +CVE-2023-4604 - https://github.com/20142995/nuclei-templates CVE-2023-46058 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46059 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-46066 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -154376,6 +154397,7 @@ CVE-2023-47252 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-47254 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-47262 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-47265 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-4730 - https://github.com/20142995/nuclei-templates CVE-2023-47320 - https://github.com/RhinoSecurityLabs/CVEs CVE-2023-47321 - https://github.com/RhinoSecurityLabs/CVEs CVE-2023-47322 - https://github.com/RhinoSecurityLabs/CVEs @@ -154452,6 +154474,7 @@ CVE-2023-4768 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-4769 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-47691 - https://github.com/NaInSec/CVE-LIST CVE-2023-47691 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-47694 - https://github.com/20142995/nuclei-templates CVE-2023-47699 - https://github.com/NaInSec/CVE-LIST CVE-2023-47699 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-47702 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -156138,6 +156161,7 @@ CVE-2023-5484 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-5485 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-5486 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-5487 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2023-5505 - https://github.com/20142995/nuclei-templates CVE-2023-5517 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2023-5517 - https://github.com/fokypoky/places-list CVE-2023-5517 - https://github.com/marklogic/marklogic-docker @@ -169995,6 +170019,7 @@ CVE-2024-36971 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-36971 - https://github.com/tanjiti/sec_profile CVE-2024-3698 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3699 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-36991 - https://github.com/0xMarcio/cve CVE-2024-36991 - https://github.com/Ostorlab/KEV CVE-2024-36991 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-36991 - https://github.com/onewinner/POCS @@ -170040,6 +170065,7 @@ CVE-2024-37399 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-37407 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3744 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3745 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-37450 - https://github.com/20142995/nuclei-templates CVE-2024-37465 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-37466 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3748 - https://github.com/fkie-cad/nvd-json-data-feeds 
@@ -170106,6 +170132,7 @@ CVE-2024-37935 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-37952 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3797 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-38021 - https://github.com/cybereagle2001/KQL-Security-Querries +CVE-2024-38021 - https://github.com/delivr-to/detections CVE-2024-38030 - https://github.com/tomerpeled92/CVE CVE-2024-38036 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-38041 - https://github.com/nomi-sec/PoC-in-GitHub @@ -170115,6 +170142,7 @@ CVE-2024-3806 - https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807 CVE-2024-38063 - https://github.com/being1943/my_rss_reader CVE-2024-38063 - https://github.com/kherrick/hacker-news CVE-2024-38063 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-38063 - https://github.com/tanjiti/sec_profile CVE-2024-38063 - https://github.com/zhaoolee/garss CVE-2024-3807 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3807 - https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc @@ -170179,6 +170207,7 @@ CVE-2024-3846 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3847 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-38472 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-38473 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-38475 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-38481 - https://github.com/chnzzh/iDRAC-CVE-lib CVE-2024-38483 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-38489 - https://github.com/chnzzh/iDRAC-CVE-lib 
@@ -170228,6 +170257,7 @@ CVE-2024-38786 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-38787 - https://github.com/20142995/nuclei-templates CVE-2024-38787 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-3879 - https://github.com/LaPhilosophie/IoT-vulnerable +CVE-2024-38793 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-3880 - https://github.com/LaPhilosophie/IoT-vulnerable CVE-2024-38809 - https://github.com/ch4n3-yoon/ch4n3-yoon CVE-2024-3881 - https://github.com/LaPhilosophie/IoT-vulnerable @@ -170714,6 +170744,7 @@ CVE-2024-41640 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4165 - https://github.com/LaPhilosophie/IoT-vulnerable CVE-2024-41651 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-4166 - https://github.com/LaPhilosophie/IoT-vulnerable +CVE-2024-41660 - https://github.com/tanjiti/sec_profile CVE-2024-41662 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-41662 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-41662 - https://github.com/sh3bu/sh3bu @@ -170992,6 +171023,7 @@ CVE-2024-43207 - https://github.com/20142995/nuclei-templates CVE-2024-43208 - https://github.com/20142995/nuclei-templates CVE-2024-43209 - https://github.com/20142995/nuclei-templates CVE-2024-43210 - https://github.com/20142995/nuclei-templates +CVE-2024-43211 - https://github.com/20142995/nuclei-templates CVE-2024-43212 - https://github.com/20142995/nuclei-templates CVE-2024-43213 - https://github.com/20142995/nuclei-templates CVE-2024-43214 - https://github.com/20142995/nuclei-templates 
@@ -171026,12 +171058,36 @@ CVE-2024-43233 - https://github.com/20142995/nuclei-templates CVE-2024-43233 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-43235 - https://github.com/20142995/nuclei-templates CVE-2024-43236 - https://github.com/20142995/nuclei-templates +CVE-2024-43238 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4324 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43276 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4328 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43305 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43306 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43307 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43308 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43309 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4331 - https://github.com/angelov-1080/CVE_Checker CVE-2024-4331 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43313 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43318 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43320 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43321 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43324 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43327 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43329 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4333 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43330 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43335 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-4334 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43342 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43344 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43346 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43347 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43348 - 
https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43349 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43351 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-43352 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-43358 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-43359 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-43360 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -171470,6 +171526,8 @@ CVE-2024-5385 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5389 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5390 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-5391 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-5420 - https://github.com/20142995/nuclei-templates +CVE-2024-5421 - https://github.com/20142995/nuclei-templates CVE-2024-5423 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-54321 - https://github.com/runwuf/clickhouse-test CVE-2024-5438 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -171563,6 +171621,7 @@ CVE-2024-6004 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6021 - https://github.com/20142995/nuclei-templates CVE-2024-6027 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6028 - https://github.com/nomi-sec/PoC-in-GitHub +CVE-2024-6043 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-6050 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-6070 - https://github.com/20142995/nuclei-templates CVE-2024-6095 - https://github.com/sev-hack/sev-hack 
@@ -171659,6 +171718,7 @@ CVE-2024-6494 - https://github.com/20142995/nuclei-templates CVE-2024-6494 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6496 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6498 - https://github.com/20142995/nuclei-templates +CVE-2024-6500 - https://github.com/20142995/nuclei-templates CVE-2024-6518 - https://github.com/fluentform/fluentform CVE-2024-6520 - https://github.com/fluentform/fluentform CVE-2024-6521 - https://github.com/fluentform/fluentform @@ -171734,6 +171794,7 @@ CVE-2024-6869 - https://github.com/20142995/nuclei-templates CVE-2024-6884 - https://github.com/20142995/nuclei-templates CVE-2024-6890 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6891 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-6893 - https://github.com/20142995/nuclei-templates CVE-2024-6893 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-6896 - https://github.com/20142995/nuclei-templates CVE-2024-6911 - https://github.com/wy876/POC @@ -171776,6 +171837,7 @@ CVE-2024-7092 - https://github.com/20142995/nuclei-templates CVE-2024-7092 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-7094 - https://github.com/20142995/nuclei-templates CVE-2024-7094 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-7094 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-7120 - https://github.com/Ostorlab/KEV CVE-2024-7120 - https://github.com/komodoooo/Some-things CVE-2024-7136 - https://github.com/20142995/nuclei-templates 
@@ -171939,13 +172001,16 @@ CVE-2024-7621 - https://github.com/20142995/nuclei-templates CVE-2024-7624 - https://github.com/20142995/nuclei-templates CVE-2024-7628 - https://github.com/20142995/nuclei-templates CVE-2024-7630 - https://github.com/20142995/nuclei-templates +CVE-2024-7646 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-7648 - https://github.com/20142995/nuclei-templates CVE-2024-7649 - https://github.com/20142995/nuclei-templates CVE-2024-7690 - https://github.com/20142995/nuclei-templates CVE-2024-7691 - https://github.com/20142995/nuclei-templates CVE-2024-7692 - https://github.com/20142995/nuclei-templates CVE-2024-7697 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-7703 - https://github.com/20142995/nuclei-templates CVE-2024-7703 - https://github.com/lfillaz/CVE-2024-7703 +CVE-2024-7703 - https://github.com/nomi-sec/PoC-in-GitHub CVE-2024-7704 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-7705 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-7706 - https://github.com/fkie-cad/nvd-json-data-feeds @@ -171967,6 +172032,8 @@ CVE-2024-7886 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-7887 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-7896 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-7897 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-7904 - https://github.com/fkie-cad/nvd-json-data-feeds +CVE-2024-7906 - https://github.com/fkie-cad/nvd-json-data-feeds CVE-2024-87654 - https://github.com/runwuf/clickhouse-test CVE-2024-98765 - https://github.com/runwuf/clickhouse-test CVE-2024-99999 - https://github.com/kolewttd/wtt diff --git a/references.txt b/references.txt index 09bf7fbf2a..66da2cebd1 100644 --- a/references.txt +++ b/references.txt 
@@ -16837,6 +16837,7 @@ CVE-2009-4756 - http://www.exploit-db.com/exploits/8588 CVE-2009-4757 - http://www.exploit-db.com/exploits/8601 CVE-2009-4758 - http://www.exploit-db.com/exploits/8568 CVE-2009-4759 - http://www.exploit-db.com/exploits/8607 +CVE-2009-4762 - http://ubuntu.com/usn/usn-941-1 CVE-2009-4765 - http://packetstormsecurity.org/1001-exploits/aspcnrhikaye-disclose.txt CVE-2009-4766 - http://packetstormsecurity.org/1001-exploits/ypportal-disclose.txt CVE-2009-4775 - http://www.exploit-db.com/exploits/9607 @@ -20497,6 +20498,7 @@ CVE-2011-2935 - https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-e CVE-2011-2936 - https://oss-security.openwall.narkive.com/1UH3NYx8/cve-request-elgg-1-7-10-multiple-vulnerabilities CVE-2011-2938 - http://packetstormsecurity.org/files/104149 CVE-2011-2938 - http://securityreason.com/securityalert/8391 +CVE-2011-2938 - https://bugzilla.redhat.com/show_bug.cgi?id=731777 CVE-2011-2944 - http://packetstormsecurity.org/files/110166/The-Uploader-2.0.4-Eng-Ita-Remote-File-Upload.html CVE-2011-2964 - http://www.openwall.com/lists/oss-security/2011/07/13/3 CVE-2011-2964 - http://www.openwall.com/lists/oss-security/2011/07/18/3 
@@ -99374,14 +99376,20 @@ CVE-2024-40775 - http://seclists.org/fulldisclosure/2024/Jul/18 CVE-2024-40775 - http://seclists.org/fulldisclosure/2024/Jul/19 CVE-2024-40776 - http://seclists.org/fulldisclosure/2024/Jul/15 CVE-2024-40776 - http://seclists.org/fulldisclosure/2024/Jul/16 +CVE-2024-40776 - http://seclists.org/fulldisclosure/2024/Jul/17 +CVE-2024-40776 - http://seclists.org/fulldisclosure/2024/Jul/18 CVE-2024-40777 - http://seclists.org/fulldisclosure/2024/Jul/16 CVE-2024-40778 - http://seclists.org/fulldisclosure/2024/Jul/16 CVE-2024-40778 - http://seclists.org/fulldisclosure/2024/Jul/17 CVE-2024-40778 - http://seclists.org/fulldisclosure/2024/Jul/18 CVE-2024-40779 - http://seclists.org/fulldisclosure/2024/Jul/15 CVE-2024-40779 - http://seclists.org/fulldisclosure/2024/Jul/16 +CVE-2024-40779 - http://seclists.org/fulldisclosure/2024/Jul/17 +CVE-2024-40779 - http://seclists.org/fulldisclosure/2024/Jul/18 CVE-2024-40780 - http://seclists.org/fulldisclosure/2024/Jul/15 CVE-2024-40780 - http://seclists.org/fulldisclosure/2024/Jul/16 +CVE-2024-40780 - http://seclists.org/fulldisclosure/2024/Jul/17 +CVE-2024-40780 - http://seclists.org/fulldisclosure/2024/Jul/18 CVE-2024-40781 - http://seclists.org/fulldisclosure/2024/Jul/18 CVE-2024-40781 - http://seclists.org/fulldisclosure/2024/Jul/19 CVE-2024-40782 - http://seclists.org/fulldisclosure/2024/Jul/15 
@@ -99623,6 +99631,8 @@ CVE-2024-42055 - https://github.com/CervantesSec/cervantes/commit/78631a034d0fb3 CVE-2024-4210 - https://hackerone.com/reports/2431562 CVE-2024-4217 - https://wpscan.com/vulnerability/55cb43bf-7c8f-4df7-b4de-bf2bb1c2766d/ CVE-2024-4224 - https://takeonme.org/cves/CVE-2024-4224.html +CVE-2024-42318 - https://lore.kernel.org/all/20240817.shahka3Ee1iy@digikod.net/ +CVE-2024-42318 - https://www.openwall.com/lists/oss-security/2024/08/17/2 CVE-2024-42348 - https://github.com/FOGProject/fogproject/security/advisories/GHSA-456c-4gw3-c9xw CVE-2024-42349 - https://github.com/FOGProject/fogproject/security/advisories/GHSA-697m-3c4p-g29h CVE-2024-42352 - https://github.com/nuxt/icon/security/advisories/GHSA-cxgv-px37-4mp2 
@@ -100470,18 +100480,51 @@ CVE-2024-7705 - https://github.com/DeepMountains/Mirage/blob/main/CVE12-1.md CVE-2024-7706 - https://github.com/DeepMountains/Mirage/blob/main/CVE12-2.md CVE-2024-7707 - https://github.com/VodkaVortex/IoT/blob/main/formSafeEmailFilter.md CVE-2024-7715 - https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_photo_search.md +CVE-2024-7738 - https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Arbitrary%20File%20Read/file_read_report.md +CVE-2024-7738 - https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Arbitrary%20File%20Read/poc_arbitrary_file_read.mp4 +CVE-2024-7739 - https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Script%20Injection/poc_script_inject.mp4 +CVE-2024-7739 - https://github.com/abhi-ingle/Vulnerability-Research/blob/main/POC/Script%20Injection/script_injection_report.md CVE-2024-7740 - https://github.com/DeepMountains/Mirage/blob/main/CVE14-1.md CVE-2024-7741 - https://github.com/DeepMountains/Mirage/blob/main/CVE14-2.md +CVE-2024-7742 - https://github.com/DeepMountains/Mirage/blob/main/CVE14-3.md CVE-2024-7743 - https://github.com/DeepMountains/Mirage/blob/main/CVE14-4.md CVE-2024-7748 - https://github.com/joinia/webray.com.cn/blob/main/Accounts-Manager-App/Accounts-Manager-Appsql.md CVE-2024-7749 - https://github.com/joinia/webray.com.cn/blob/main/Accounts-Manager-App/Accounts-Manager-Appxss.md +CVE-2024-7750 - https://github.com/Wsstiger/cve/blob/main/Clinic's_sql.md CVE-2024-7751 - https://github.com/Wsstiger/cve/blob/main/Clinic's_sql2.md CVE-2024-7752 - https://github.com/Wsstiger/cve/blob/main/Clinic's_xss.md +CVE-2024-7754 - https://github.com/Wsstiger/cve/blob/main/Clinic's_sql3.md CVE-2024-7792 - https://github.com/joinia/webray.com.cn/blob/main/Task-Progress-Tracker/Task-Progress-Trackersql.md +CVE-2024-7793 - https://github.com/joinia/webray.com.cn/blob/main/Task-Progress-Tracker/Task-Progress-Trackerxss.md CVE-2024-7794 - 
https://github.com/ppp-src/ha/issues/5 +CVE-2024-7798 - https://github.com/Wsstiger/cve/blob/main/Sourcecoster_sql2.md +CVE-2024-7799 - https://github.com/Wsstiger/cve/blob/main/Sourcecoster_unauthorized.md +CVE-2024-7800 - https://github.com/Wsstiger/cve/blob/main/Sourcecoster_sql3.md +CVE-2024-7808 - https://github.com/XYgit-99/cve/issues/1 +CVE-2024-7809 - https://github.com/Wsstiger/cve/blob/main/Tracer_mu.md CVE-2024-7810 - https://github.com/Wsstiger/cve/blob/main/Tracer_sql.md CVE-2024-7811 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/daily%20expenses%20monitoring%20app%20-%20delete-expense.php%20sql%20injection%20vulnerability.md +CVE-2024-7812 - https://github.com/lscjl/lsi.webray.com.cn/blob/main/CVE-project/rental%20management%20system%20Stored%20Cross-Site%20Scripting(XSS).md CVE-2024-7813 - https://github.com/CYB84/CVE_Writeup/blob/main/Directory%20Listing.md CVE-2024-7814 - https://github.com/CYB84/CVE_Writeup/blob/main/Online%20Railway%20Reservation%20System/Stored%20XSS.md CVE-2024-7815 - https://github.com/CYB84/CVE_Writeup/blob/main/Online%20Railway%20Reservation%20System/Stored%20XSS.md +CVE-2024-7828 - https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_set_cover.md +CVE-2024-7829 - https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_del_photo.md +CVE-2024-7830 - https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_move_photo.md +CVE-2024-7831 - https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_cooliris.md +CVE-2024-7832 - https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_fullscreen_photos.md +CVE-2024-7838 - https://github.com/ppp-src/a/issues/1 +CVE-2024-7839 - https://github.com/ppp-src/a/issues/2 +CVE-2024-7841 - https://github.com/qqlove555/cve/blob/main/sql.md +CVE-2024-7842 - https://github.com/Wsstiger/cve/blob/main/Tracer_info.md +CVE-2024-7845 - https://github.com/Wsstiger/cve/blob/main/Tracer_sql2.md +CVE-2024-7849 - 
https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_album.md +CVE-2024-7851 - https://github.com/Wsstiger/cve/blob/main/Yoga_add.md +CVE-2024-7852 - https://github.com/Wsstiger/cve/blob/main/Yoga_xss.md CVE-2024-7868 - https://www.xpdfreader.com/security-bug/CVE-2024-7868.html +CVE-2024-7887 - https://github.com/Hebing123/cve/issues/67 +CVE-2024-7896 - https://gist.github.com/b0rgch3n/4788c7c429d49095915d84161a157295 +CVE-2024-7897 - https://gist.github.com/b0rgch3n/bb47a1ed6f66c1e8c7a80f210f4ac8ef +CVE-2024-7898 - https://gist.github.com/b0rgch3n/3136cad95b09e42184fb2d78aae33651 +CVE-2024-7900 - https://github.com/DeepMountains/Mirage/blob/main/CVE16-1.md +CVE-2024-7900 - https://github.com/DeepMountains/Mirage/blob/main/CVE16-2.md
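Review bot: the two CVE-2024-42318 references added in the `@@ -99623` hunk both carry the date 2024-08-17 (`20240817.shahka3Ee1iy@digikod.net` on lore.kernel.org and `oss-security/2024/08/17/2` on openwall), so they may be the same announcement posted to two lists. Confirm that each adds distinct content. If they are mirrors, keeping both is defensible for link-rot resilience, but that should be a deliberate choice rather than a side effect of the import.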
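Review bot: almost every reference added in the `@@ -100470` hunk is a `blob/main` link into a personal GitHub repository, and the CVE-2024-7896, CVE-2024-7897 and CVE-2024-7898 entries are gists with no revision in the URL, so the target can be edited, renamed or deleted after this list is merged. Prefer commit permalinks (and gist revision URLs) so each entry keeps pointing at the write-up that was actually indexed. The CVE-2024-7738 and CVE-2024-7739 entries also each add an `.mp4` recording next to the report from the same directory; consider keeping only the `.md` report as the reference, since the video cannot be diffed or searched. Minor: the added `Clinic's_sql.md` and `Scripting(XSS).md` URLs leave the apostrophe and parentheses unencoded while spaces elsewhere in the same hunk are written as `%20`, which is worth normalizing if anything downstream parses these lines.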