๐จ CVE-2024-9049
The Beaver Builder โ WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
The Beaver Builder โ WordPress Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Button Group module in all versions up to, and including, 2.8.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
๐จ CVE-2024-28948
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same
origin policy, which is designed to prevent different websites from
interfering with each other.
๐@cveNotify
Advantech ADAM-5630 contains a cross-site request forgery (CSRF) vulnerability. It allows an attacker to partly circumvent the same
origin policy, which is designed to prevent different websites from
interfering with each other.
๐@cveNotify
๐จ CVE-2024-9359
A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /addcompany.php. The manipulation of the argument company leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability was found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /addcompany.php. The manipulation of the argument company leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
๐จ CVE-2024-22188
TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, and 13.0.1.
๐@cveNotify
TYPO3 before 13.0.1 allows an authenticated admin user (with system maintainer privileges) to execute arbitrary shell commands (with the privileges of the web server) via a command injection vulnerability in form fields of the Install Tool. The fixed versions are 8.7.57 ELTS, 9.5.46 ELTS, 10.4.43 ELTS, 11.5.35 LTS, 12.4.11 LTS, and 13.0.1.
๐@cveNotify
GitHub
Code Execution in TYPO3 Install Tool
### Problem
Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backen...
Several settings in the Install Tool for configuring the path to system binaries were vulnerable to code execution. Exploiting this vulnerability requires an administrator-level backen...
๐จ CVE-2024-37818
Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or access sensitive information via a crafted GET request. NOTE: The Strapi Development Community argues that this issue is not valid. They contend that "the strapi/admin was wrongly attributed a flaw that only pertains to the strapi.io website, and which, at the end of the day, does not pose any real SSRF risk to applications that make use of the Strapi library."
๐@cveNotify
Strapi v4.24.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /strapi.io/_next/image. This vulnerability allows attackers to scan for open ports or access sensitive information via a crafted GET request. NOTE: The Strapi Development Community argues that this issue is not valid. They contend that "the strapi/admin was wrongly attributed a flaw that only pertains to the strapi.io website, and which, at the end of the day, does not pose any real SSRF risk to applications that make use of the Strapi library."
๐@cveNotify
Medium
Server-side request forgery in STRAPI
Description :
๐จ CVE-2024-47125
The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker to intercept and manipulate messages.
๐@cveNotify
The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker to intercept and manipulate messages.
๐@cveNotify
๐จ CVE-2024-47128
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of operation.
๐@cveNotify
The goTenna Pro broadcast key name is always sent unencrypted and could reveal the location of operation.
๐@cveNotify
๐จ CVE-2024-8922
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquiry_detail.php. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
๐@cveNotify
The Product Enquiry for WooCommerce, WooCommerce product catalog plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.2.33.32 via deserialization of untrusted input in enquiry_detail.php. This makes it possible for authenticated attackers, with Author-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
๐@cveNotify
๐จ CVE-2024-6931
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
The The Events Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via RSVP name field in all versions up to, and including, 6.6.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
๐@cveNotify
๐จ CVE-2024-44744
An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users.
๐@cveNotify
An issue in Malwarebytes Premium Security v5.0.0.883 allows attackers to execute arbitrary code via placing crafted binaries into unspecified directories. NOTE: Malwarebytes argues that this issue requires admin privileges and that the contents cannot be altered by non-admin users.
๐@cveNotify
Blogspot
The Definitive Guide on Win32 to NT Path Conversion
Posted by James Forshaw, pathโological reverse engineer. How the Win32 APIs process file paths on Windows NT is a tale filled with backw...
๐จ CVE-2024-43683
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0.
๐@cveNotify
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Microchip TimeProvider 4100 allows XSS Through HTTP Headers.This issue affects TimeProvider 4100: from 1.0.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
๐จ CVE-2024-43684
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0.
๐@cveNotify
Cross-Site Request Forgery (CSRF) vulnerability in Microchip TimeProvider 4100 allows Cross Site Request Forgery, Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
๐จ CVE-2024-43685
Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
๐@cveNotify
Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows Session Hijacking.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
๐จ CVE-2024-43686
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (data plot modules) allows Reflected XSS.This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
๐จ CVE-2024-43687
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
๐@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimeProvider 4100 (banner config modules) allows Cross-Site Scripting (XSS).This issue affects TimeProvider 4100: from 1.0 before 2.4.7.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
๐จ CVE-2024-41512
A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter.
๐@cveNotify
A SQL Injection vulnerability in "ccHandler.aspx" in all versions of CADClick v.1.11.0 and before allows remote attackers to execute arbitrary SQL commands via the "bomid" parameter.
๐@cveNotify
4PACE
CADClickยฎ: 2D- & 3D-Konfiguration basierend auf CAD- & BIM-Modellen | 4PACE
Erwecken Sie Ihr komplexes Produktportfolio mit 2D- & 3D-Visualisierung zum Leben und leiten Sie in Echtzeit erzeugte Modelle aus. โฅ Mehr erfahren
๐จ CVE-2024-41513
A reflected cross-site scripting (XSS) vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter.
๐@cveNotify
A reflected cross-site scripting (XSS) vulnerability in "Artikel.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "searchindex" parameter.
๐@cveNotify
4PACE
CADClickยฎ: 2D- & 3D-Konfiguration basierend auf CAD- & BIM-Modellen | 4PACE
Erwecken Sie Ihr komplexes Produktportfolio mit 2D- & 3D-Visualisierung zum Leben und leiten Sie in Echtzeit erzeugte Modelle aus. โฅ Mehr erfahren
๐จ CVE-2024-41514
A reflected cross-site scripting (XSS) vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter.
๐@cveNotify
A reflected cross-site scripting (XSS) vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter.
๐@cveNotify
4PACE
CADClickยฎ: 2D- & 3D-Konfiguration basierend auf CAD- & BIM-Modellen | 4PACE
Erwecken Sie Ihr komplexes Produktportfolio mit 2D- & 3D-Visualisierung zum Leben und leiten Sie in Echtzeit erzeugte Modelle aus. โฅ Mehr erfahren
๐จ CVE-2024-37868
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable.
๐@cveNotify
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "sendreply.php" file, and the uploaded file was received using the "$- FILES" variable.
๐@cveNotify
Gist
gist:bfca92171143e28899bb8511f311f9ed
GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2024-37869
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable
๐@cveNotify
File Upload vulnerability in Itsourcecode Online Discussion Forum Project v.1.0 allows a remote attacker to execute arbitrary code via the "poster.php" file, and the uploaded file was received using the "$- FILES" variable
๐@cveNotify
Gist
gist:7e5dfdd3583bf9fd81196f557a8b8879
GitHub Gist: instantly share code, notes, and snippets.
๐จ CVE-2024-47910
An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A SonarQube user with the Administrator role can modify an existing configuration of a GitHub integration to exfiltrate a pre-signed JWT.
๐@cveNotify
An issue was discovered in SonarSource SonarQube before 9.9.5 LTA and 10.x before 10.5. A SonarQube user with the Administrator role can modify an existing configuration of a GitHub integration to exfiltrate a pre-signed JWT.
๐@cveNotify
Sonar Community
SonarQube / GitHub integration information leakage
Sonar will submit a new CVE for a SonarQube vulnerability this week. We want to ensure that the Sonar community and our customers are aware before the CVE is made public. The fix was released in versions 9.9.5 LTA and 10.5 on 25 June; there is no known exploitation.โฆ