#ExploitObserverAlert
CVE-2024-28929
DESCRIPTION: Exploit Observer has 10 entries in 5 file formats related to CVE-2024-28929. Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
FIRST-EPSS: 0.000910000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.7598615
CVE-2024-28929
DESCRIPTION: Exploit Observer has 10 entries in 5 file formats related to CVE-2024-28929. Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
FIRST-EPSS: 0.000910000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.7598615
#ExploitObserverAlert
CVE-2024-3515
DESCRIPTION: Exploit Observer has 23 entries in 6 file formats related to CVE-2024-3515. Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.7857915
CVE-2024-3515
DESCRIPTION: Exploit Observer has 23 entries in 6 file formats related to CVE-2024-3515. Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.7857915
#ExploitObserverAlert
CVE-2024-3157
DESCRIPTION: Exploit Observer has 22 entries in 6 file formats related to CVE-2024-3157. Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.7468936
CVE-2024-3157
DESCRIPTION: Exploit Observer has 22 entries in 6 file formats related to CVE-2024-3157. Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)
FIRST-EPSS: 0.000450000
ARPS-PRIORITY: 0.7468936
#ExploitObserverAlert
CVE-2020-14209
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to CVE-2020-14209. Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar files can be uploaded. Also, a .htaccess file can be uploaded to reconfigure access control (e.g., to let .noexe files be executed as PHP code to defeat the .noexe protection mechanism).
FIRST-EPSS: 0.010500000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.8573414
CVE-2020-14209
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to CVE-2020-14209. Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar files can be uploaded. Also, a .htaccess file can be uploaded to reconfigure access control (e.g., to let .noexe files be executed as PHP code to defeat the .noexe protection mechanism).
FIRST-EPSS: 0.010500000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-PRIORITY: 0.8573414
#ExploitObserverAlert
CVE-2019-9826
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2019-9826. The fulltext search component in phpBB before 3.2.6 allows Denial of Service.
FIRST-EPSS: 0.003060000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.8542337
CVE-2019-9826
DESCRIPTION: Exploit Observer has 11 entries in 4 file formats related to CVE-2019-9826. The fulltext search component in phpBB before 3.2.6 allows Denial of Service.
FIRST-EPSS: 0.003060000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.8542337
#ExploitObserverAlert
CVE-2018-10095
DESCRIPTION: Exploit Observer has 14 entries in 7 file formats related to CVE-2018-10095. Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
FIRST-EPSS: 0.952960000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.9651561
CVE-2018-10095
DESCRIPTION: Exploit Observer has 14 entries in 7 file formats related to CVE-2018-10095. Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php.
FIRST-EPSS: 0.952960000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.9651561
#ExploitObserverAlert
CVE-2024-28847
DESCRIPTION: Exploit Observer has 9 entries in 5 file formats related to CVE-2024-28847. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. Similarly to the GHSL-2023-250 issue, `AlertUtil::validateExpression` is also called from `EventSubscriptionRepository.prepare()`, which can lead to Remote Code Execution. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that, even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and, therefore, after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/events/subscriptions` which gets handled by `EventSubscriptionResource.createOrUpdateEventSubscription()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query. This issue may lead to Remote Code Execution and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-251`.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7553561
CVE-2024-28847
DESCRIPTION: Exploit Observer has 9 entries in 5 file formats related to CVE-2024-28847. OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. Similarly to the GHSL-2023-250 issue, `AlertUtil::validateExpression` is also called from `EventSubscriptionRepository.prepare()`, which can lead to Remote Code Execution. `prepare()` is called from `EntityRepository.prepareInternal()` which, in turn, gets called from `EntityResource.createOrUpdate()`. Note that, even though there is an authorization check (`authorizer.authorize()`), it gets called after `prepareInternal()` gets called and, therefore, after the SpEL expression has been evaluated. In order to reach this method, an attacker can send a PUT request to `/api/v1/events/subscriptions` which gets handled by `EventSubscriptionResource.createOrUpdateEventSubscription()`. This vulnerability was discovered with the help of CodeQL's Expression language injection (Spring) query. This issue may lead to Remote Code Execution and has been addressed in version 1.2.4. Users are advised to upgrade. There are no known workarounds for this vulnerability. This issue is also tracked as `GHSL-2023-251`.
FIRST-EPSS: 0.000440000
ARPS-PRIORITY: 0.7553561
#ExploitObserverAlert
WLB-2024040060
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040060. Apache Solr Backup/Restore API Remote Code Execution.
ARPS-PRIORITY: 0.8504802
WLB-2024040060
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040060. Apache Solr Backup/Restore API Remote Code Execution.
ARPS-PRIORITY: 0.8504802
#ExploitObserverAlert
CVE-2019-10774
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to CVE-2019-10774. php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
FIRST-EPSS: 0.004690000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7771684
CVE-2019-10774
DESCRIPTION: Exploit Observer has 10 entries in 4 file formats related to CVE-2019-10774. php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.
FIRST-EPSS: 0.004690000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.7771684
#ExploitObserverAlert
CVE-2017-7886
DESCRIPTION: Exploit Observer has 14 entries in 5 file formats related to CVE-2017-7886. Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
FIRST-EPSS: 0.002120000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8642092
CVE-2017-7886
DESCRIPTION: Exploit Observer has 14 entries in 5 file formats related to CVE-2017-7886. Dolibarr ERP/CRM 4.0.4 has SQL Injection in doli/theme/eldy/style.css.php via the lang parameter.
FIRST-EPSS: 0.002120000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8642092
#ExploitObserverAlert
WLB-2024040061
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040061. Hikvision Camera - Remote command execution.
ARPS-PRIORITY: 0.8504802
WLB-2024040061
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040061. Hikvision Camera - Remote command execution.
ARPS-PRIORITY: 0.8504802
#ExploitObserverAlert
WLB-2024040059
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040059. Nginx 1.25.5 Host Header Validation.
ARPS-PRIORITY: 0.8504802
WLB-2024040059
DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to WLB-2024040059. Nginx 1.25.5 Host Header Validation.
ARPS-PRIORITY: 0.8504802
#ExploitObserverAlert
CVE-2020-8559
DESCRIPTION: Exploit Observer has 30 entries in 9 file formats related to CVE-2020-8559. The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
FIRST-EPSS: 0.003410000
NVD-IS: 5.9
NVD-ES: 0.9
ARPS-PRIORITY: 0.9659869
CVE-2020-8559
DESCRIPTION: Exploit Observer has 30 entries in 9 file formats related to CVE-2020-8559. The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
FIRST-EPSS: 0.003410000
NVD-IS: 5.9
NVD-ES: 0.9
ARPS-PRIORITY: 0.9659869
#ExploitObserverAlert
CVE-2021-33816
DESCRIPTION: Exploit Observer has 12 entries in 5 file formats related to CVE-2021-33816. The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shell_exec are blocked but backticks are not blocked.
FIRST-EPSS: 0.034950000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8722215
CVE-2021-33816
DESCRIPTION: Exploit Observer has 12 entries in 5 file formats related to CVE-2021-33816. The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shell_exec are blocked but backticks are not blocked.
FIRST-EPSS: 0.034950000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8722215
#ExploitObserverAlert
CVE-2019-16108
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2019-16108. phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets (CSS) token sequence to a page through BBCode.
FIRST-EPSS: 0.001190000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7626645
CVE-2019-16108
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2019-16108. phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets (CSS) token sequence to a page through BBCode.
FIRST-EPSS: 0.001190000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7626645
#ExploitObserverAlert
CVE-2020-24913
DESCRIPTION: Exploit Observer has 16 entries in 4 file formats related to CVE-2020-24913. A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.
FIRST-EPSS: 0.002480000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9634872
CVE-2020-24913
DESCRIPTION: Exploit Observer has 16 entries in 4 file formats related to CVE-2020-24913. A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.
FIRST-EPSS: 0.002480000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9634872
#ExploitObserverAlert
CVE-2018-20434
DESCRIPTION: Exploit Observer has 25 entries in 8 file formats related to CVE-2018-20434. LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling.
FIRST-EPSS: 0.968060000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9661231
CVE-2018-20434
DESCRIPTION: Exploit Observer has 25 entries in 8 file formats related to CVE-2018-20434. LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $_POST['community'] parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajax_output.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers html/includes/output/capture.inc.php command mishandling.
FIRST-EPSS: 0.968060000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.9661231
#ExploitObserverAlert
CVE-2021-21809
DESCRIPTION: Exploit Observer has 16 entries in 6 file formats related to CVE-2021-21809. A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
FIRST-EPSS: 0.024130000
NVD-IS: 6.0
NVD-ES: 2.3
ARPS-PRIORITY: 0.9560088
CVE-2021-21809
DESCRIPTION: Exploit Observer has 16 entries in 6 file formats related to CVE-2021-21809. A command execution vulnerability exists in the default legacy spellchecker plugin in Moodle 3.10. A specially crafted series of HTTP requests can lead to command execution. An attacker must have administrator privileges to exploit this vulnerabilities.
FIRST-EPSS: 0.024130000
NVD-IS: 6.0
NVD-ES: 2.3
ARPS-PRIORITY: 0.9560088
#ExploitObserverAlert
CVE-2020-7666
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2020-7666. This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
FIRST-EPSS: 0.000930000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7780067
CVE-2020-7666
DESCRIPTION: Exploit Observer has 9 entries in 3 file formats related to CVE-2020-7666. This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
FIRST-EPSS: 0.000930000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-PRIORITY: 0.7780067
#ExploitObserverAlert
CVE-2020-24914
DESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2020-24914. A PHP object injection bug in profile.php in qcubed (all versions including 3.1.1) unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request.
FIRST-EPSS: 0.016790000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8646988
CVE-2020-24914
DESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2020-24914. A PHP object injection bug in profile.php in qcubed (all versions including 3.1.1) unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request.
FIRST-EPSS: 0.016790000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-PRIORITY: 0.8646988
#ExploitObserverAlert
CVE-2018-5233
DESCRIPTION: Exploit Observer has 14 entries in 6 file formats related to CVE-2018-5233. Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.
FIRST-EPSS: 0.002940000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.9571319
CVE-2018-5233
DESCRIPTION: Exploit Observer has 14 entries in 6 file formats related to CVE-2018-5233. Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools.
FIRST-EPSS: 0.002940000
NVD-IS: 2.7
NVD-ES: 2.8
ARPS-PRIORITY: 0.9571319