#ExploitObserverAlert

CVE-2024-31839

DESCRIPTION: Exploit Observer has 17 entries in 6 file formats related to CVE-2024-31839. Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component.

FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.87189

#ExploitObserverAlert

CVE-2024-30850

DESCRIPTION: Exploit Observer has 20 entries in 8 file formats related to CVE-2024-30850. An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the BuildClient function within client_service.go

FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.876415

#ExploitObserverAlert

CVE-2024-28741

DESCRIPTION: Exploit Observer has 16 entries in 6 file formats related to CVE-2024-28741. Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote attacker to execute arbitrary code via the login.php component.

FIRST-EPSS: 0.001630000
ARPS-PRIORITY: 0.8511741

#ExploitObserverAlert

CVE-2024-31819

DESCRIPTION: Exploit Observer has 12 entries in 7 file formats related to CVE-2024-31819. An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

FIRST-EPSS: 0.002530000
ARPS-PRIORITY: 0.8368503

#ExploitObserverAlert

CVE-2024-30850

DESCRIPTION: Exploit Observer has 17 entries in 8 file formats related to CVE-2024-30850. An issue in tiagorlampert CHAOS v5.0.1 allows a remote attacker to execute arbitrary code via the BuildClient function within client_service.go

FIRST-EPSS: 0.000430000
ARPS-PRIORITY: 0.850763

#ExploitObserverAlert

CVE-2024-33559

DESCRIPTION: Exploit Observer has 11 entries in 5 file formats related to CVE-2024-33559. Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5.

FIRST-EPSS: 0.000850000
ARPS-PRIORITY: 0.9323837

#ExploitObserverAlert

PSS-178877

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178877. Online Payment Hub System 1.0 SQL Injection. Online Payment Hub System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

PSS-178886

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178886. Red Hat Security Advisory 2024-3501-03. Red Hat Security Advisory 2024-3501-03 - An update for nghttp2 is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

PSS-178879

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178879. Ubuntu Security Notice USN-6802-1. Ubuntu Security Notice 6802-1 - Lukas Fittl discovered that PostgreSQL incorrectly performed authorization in the built-in pg_stats_ext and pg_stats_ext_exprs views. An unprivileged database user can use this issue to read most common values and other statistics from CREATE STATISTICS commands of other users.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

PSS-178873

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178873. iMLog Cross Site Scripting. iMLog versions prior to 1.307 suffer from a persistent cross site scripting vulnerability.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

PSS-178889

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178889. RansomLord Anti-Ransomware Exploit Tool 3.1. RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware by placing PE files in the x32 or x64 directories where the program is run from.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

PSS-178880

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178880. jSQL Injection 0.97. jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

PSS-178883

DESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to PSS-178883. Packet Storm New Exploits For May, 2024. This archive contains all of the 68 exploits added to Packet Storm in May, 2024.

ARPS-PRIORITY: 0.88

#ExploitObserverAlert

Exploit Observer has added 208 entries to its vulnerability & exploit watchlist.
[https://api.exploit.observer/watchlist]

#ExploitObserverAlert

Exploit Observer has added 1103 entries to its vulnerability & exploit watchlist.
[https://api.exploit.observer/watchlist]

#ExploitObserverAlert

Exploit Observer has added 445 entries to its vulnerability & exploit watchlist.
[https://api.exploit.observer/watchlist]

#ExploitObserverAlert

Exploit Observer has added 315 entries to its vulnerability & exploit watchlist.
[https://api.exploit.observer/watchlist]

#ARPSReleaseAlert

Puncia v0.20 has been released.
- CVE & GHSA Enrichment
- Daily Vulnerability & Exploit Watchlist

The Panthera(P.)uncia of Cybersecurity - Official CLI utility for Subdomain Center & Exploit Observer.
https://github.com/ARPSyndicate/puncia

#ExploitObserverAlert

Exploit Observer has added 4679 entries to its vulnerability & exploit watchlist.
[https://api.exploit.observer/watchlist]

#ExploitObserverAlert

Exploit Observer has added 4800 entries to its vulnerability & exploit watchlist.
[https://api.exploit.observer/watchlist]