#ExploitObserverAlert
GHSA-9vh6-qfv6-vcqp
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-9vh6-qfv6-vcqp. Snipe-IT is a free, open-source IT asset/license management systemIn Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection. By sending a specially crafted host header in the reset password request, it is possible to send password reset links to users which once clicked lead to an attacker controlled server and thus leading to password reset token leak. This can lead to account take over.
GHSA-9vh6-qfv6-vcqp
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-9vh6-qfv6-vcqp. Snipe-IT is a free, open-source IT asset/license management systemIn Snipe-IT, versions v3.0-alpha to v5.3.7 are vulnerable to Host Header Injection. By sending a specially crafted host header in the reset password request, it is possible to send password reset links to users which once clicked lead to an attacker controlled server and thus leading to password reset token leak. This can lead to account take over.
#ExploitObserverAlert
GHSA-988v-v47j-cj4p
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-988v-v47j-cj4p. A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-988v-v47j-cj4p
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-988v-v47j-cj4p. A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This vulnerability affects unknown code of the file /admin_ping.htm of the component POST Request Handler. The manipulation of the argument ipv4_ping/ipv6_ping leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252124. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
WLB-2024010085
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010085. Vinchin Backup And Recovery 7.2 Default MySQL Credentials.
WLB-2024010085
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010085. Vinchin Backup And Recovery 7.2 Default MySQL Credentials.
#ExploitObserverAlert
WLB-2024010086
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010086. CloudLinux CageFS 7.1.1-1 Token Disclosure.
WLB-2024010086
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010086. CloudLinux CageFS 7.1.1-1 Token Disclosure.
#ExploitObserverAlert
GHSA-mr56-56j8-x6r4
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-mr56-56j8-x6r4. An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
GHSA-mr56-56j8-x6r4
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-mr56-56j8-x6r4. An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project
#ExploitObserverAlert
GHSA-j4wq-qx9v-xvqj
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-j4wq-qx9v-xvqj. Microsoft Edge (Chromium-based) Spoofing Vulnerability
GHSA-j4wq-qx9v-xvqj
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-j4wq-qx9v-xvqj. Microsoft Edge (Chromium-based) Spoofing Vulnerability
#ExploitObserverAlert
GHSA-9jv5-wf44-8vfm
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-9jv5-wf44-8vfm. Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters.
GHSA-9jv5-wf44-8vfm
DESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to GHSA-9jv5-wf44-8vfm. Jenkins Active Choices Plugin 2.4 and earlier does not escape the name and description of build parameters.
#ExploitObserverAlert
GHSA-pxvc-5jrx-h52p
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-pxvc-5jrx-h52p. A vulnerability has been found in Beijing Baichuo Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252184. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-pxvc-5jrx-h52p
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-pxvc-5jrx-h52p. A vulnerability has been found in Beijing Baichuo Smart S210 Management Platform up to 20240117 and classified as critical. This vulnerability affects unknown code of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252184. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
GHSA-m7gj-wmp7-fwfx
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-m7gj-wmp7-fwfx. A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument DeviceURL leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252122 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
GHSA-m7gj-wmp7-fwfx
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-m7gj-wmp7-fwfx. A vulnerability was found in TRENDnet TEW-800MB 1.0.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation of the argument DeviceURL leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252122 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
#ExploitObserverAlert
GHSA-jhhh-mxj4-r289
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-jhhh-mxj4-r289. Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
GHSA-jhhh-mxj4-r289
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-jhhh-mxj4-r289. Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.
#ExploitObserverAlert
GHSA-vhw4-mjfv-p3gg
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-vhw4-mjfv-p3gg. Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary code by uploading a specially crafted SVG file.
GHSA-vhw4-mjfv-p3gg
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to GHSA-vhw4-mjfv-p3gg. Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary code by uploading a specially crafted SVG file.
#ExploitObserverAlert
WLB-2024010081
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010081. Yahweh Touch - Blind Sql Injection.
WLB-2024010081
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010081. Yahweh Touch - Blind Sql Injection.
#ExploitObserverAlert
GHSA-m295-r33q-79rg
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-m295-r33q-79rg. An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information.
GHSA-m295-r33q-79rg
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to GHSA-m295-r33q-79rg. An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An attacker can exploit this vulnerability to access protected URLs and retrieve sensitive information.
#ExploitObserverAlert
WLB-2024010087
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010087. PHPJ-Callback-Widget-1.0-XSS-Reflected-admin-Hijacking.
WLB-2024010087
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024010087. PHPJ-Callback-Widget-1.0-XSS-Reflected-admin-Hijacking.
#ExploitObserverAlert
GHSA-x4j2-fh47-r6r6
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-x4j2-fh47-r6r6. Alinto SOGo 5.8.0 is vulnerable to HTML Injection.
GHSA-x4j2-fh47-r6r6
DESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to GHSA-x4j2-fh47-r6r6. Alinto SOGo 5.8.0 is vulnerable to HTML Injection.
#ExploitObserverAlert
GHSA-gxg7-pxwf-9r28
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to GHSA-gxg7-pxwf-9r28. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
GHSA-gxg7-pxwf-9r28
DESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to GHSA-gxg7-pxwf-9r28. An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel.
#ExploitObserverAlert
WLB-2024020035
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020035. Laravel Env file Access Open Directory.
WLB-2024020035
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024020035. Laravel Env file Access Open Directory.
#ExploitObserverAlert
ZDI-24-097
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to ZDI-24-097. Wazuh Log Collector Integer Underflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wazuh. Log Injection is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 7.4. The following CVEs are assigned: CVE-2023-42463.
ZDI-24-097
DESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to ZDI-24-097. Wazuh Log Collector Integer Underflow Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wazuh. Log Injection is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 7.4. The following CVEs are assigned: CVE-2023-42463.
#ExploitObserverAlert
CVE-2024-22318
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22318. IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.
FIRST-EPSS: 0.000450000
CVE-2024-22318
DESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22318. IBM i Access Client Solutions (ACS) 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.4 is vulnerable to NT LAN Manager (NTLM) hash disclosure by an attacker modifying UNC capable paths within ACS configuration files to point to a hostile server. If NTLM is enabled, the Windows operating system will try to authenticate using the current user's session. The hostile server could capture the NTLM hash information to obtain the user's credentials. IBM X-Force ID: 279091.
FIRST-EPSS: 0.000450000
#ExploitObserverAlert
ZDI-24-117
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-117. Centreon updateGroups SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23115.
ZDI-24-117
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to ZDI-24-117. Centreon updateGroups SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-23115.
#ExploitObserverAlert
EDB-51786
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51786. Zyxel zysh - Format string
EDB-51786
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to EDB-51786. Zyxel zysh - Format string