Update CVE sources 2024-08-31 19:52

2025-06-19 17:30:12 +00:00 · 2024-08-31 19:52:39 +00:00 · 2024-08-31 19:52:39 +00:00 · c24be57ea5
commit c24be57ea5
parent 93034fc614
115 changed files with 874 additions and 31 deletions
--- a/2013/CVE-2013-4428.md
+++ b/2013/CVE-2013-4428.md
@ -0,0 +1,17 @@
+### [CVE-2013-4428](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4428)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+OpenStack Image Registry and Delivery Service (Glance) Folsom, Grizzly before 2013.1.4, and Havana before 2013.2, when the download_image policy is configured, does not properly restrict access to cached images, which allows remote authenticated users to read otherwise restricted images via an image UUID.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/USN-2003-1
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2015/CVE-2015-1397.md
+++ b/2015/CVE-2015-1397.md
@ -16,5 +16,6 @@ SQL injection vulnerability in the getCsvFile function in the Mage_Adminhtml_Blo
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Hackhoven/Magento-Shoplift-Exploit
 - https://github.com/WHOISshuvam/CVE-2015-1397
+- https://github.com/Wytchwulf/CVE-2015-1397-Magento-Shoplift
 - https://github.com/tmatejicek/CVE-2015-1397

--- a/2015/CVE-2015-6420.md
+++ b/2015/CVE-2015-6420.md
@ -36,6 +36,7 @@ Serialized-object interfaces in certain Cisco Collaboration and Social Media; En
 - https://github.com/hinat0y/Dataset7
 - https://github.com/hinat0y/Dataset8
 - https://github.com/hinat0y/Dataset9
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet
 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
 - https://github.com/qiqiApink/apkRepair
--- a/2015/CVE-2015-7501.md
+++ b/2015/CVE-2015-7501.md
@ -74,6 +74,7 @@ Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG)
 - https://github.com/hktalent/TOP
 - https://github.com/hungslab/awd-tools
 - https://github.com/ianxtianxt/CVE-2015-7501
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/just0rg/Security-Interview
 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet
 - https://github.com/koutto/jok3r-pocs
--- a/2016/CVE-2016-5394.md
+++ b/2016/CVE-2016-5394.md
@ -0,0 +1,17 @@
+### [CVE-2016-5394](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5394)
+![](https://img.shields.io/static/v1?label=Product&message=Apache%20Sling&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In the XSS Protection API module before 1.0.12 in Apache Sling, the encoding done by the XSSAPI.encodeForJSString() method is not restrictive enough and for some input patterns allows script tags to pass through unencoded, leading to potential XSS vulnerabilities.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/jensdietrich/xshady-release
+
--- a/2016/CVE-2016-6798.md
+++ b/2016/CVE-2016-6798.md
@ -13,5 +13,6 @@ In the XSS Protection API module before 1.0.12 in Apache Sling, the method XSS.g
 No PoCs from references.

 #### Github
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/tafamace/CVE-2016-6798

--- a/2017/CVE-2017-12635.md
+++ b/2017/CVE-2017-12635.md
@ -46,6 +46,7 @@ Due to differences in the Erlang-based JSON parser and JavaScript-based JSON par
 - https://github.com/jweny/pocassistdb
 - https://github.com/kika/couchdb17-centos7
 - https://github.com/openx-org/BLEN
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/security211/icrus_vulnerabilty_research
 - https://github.com/t0m4too/t0m4to
 - https://github.com/tanjiti/sec_profile
--- a/2018/CVE-2018-10237.md
+++ b/2018/CVE-2018-10237.md
@ -25,6 +25,7 @@ Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allo
 - https://github.com/diakogiannis/moviebook
 - https://github.com/dotanuki-labs/android-oss-cves-research
 - https://github.com/evervault/evervault-java
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/pctF/vulnerable-app
 - https://github.com/securityranjan/vulnapp
 - https://github.com/singhkranjan/vulnapp
--- a/2018/CVE-2018-11759.md
+++ b/2018/CVE-2018-11759.md
@ -43,6 +43,7 @@ The Apache Web Server (httpd) specific code that normalised the requested path b
 - https://github.com/merlinepedra25/nuclei-templates
 - https://github.com/openx-org/BLEN
 - https://github.com/qazbnm456/awesome-cve-poc
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/sobinge/nuclei-templates
 - https://github.com/tharmigaloganathan/ECE9069-Presentation-2
 - https://github.com/xbl3/awesome-cve-poc_qazbnm456
--- a/2018/CVE-2018-1324.md
+++ b/2018/CVE-2018-1324.md
@ -20,6 +20,7 @@ A specially crafted ZIP archive can be used to cause an infinite loop inside of
 - https://github.com/developer3000S/PoC-in-GitHub
 - https://github.com/dotanuki-labs/android-oss-cves-research
 - https://github.com/hectorgie/PoC-in-GitHub
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/tafamace/CVE-2018-1324
 - https://github.com/tuhh-softsec/APR4Vul

--- a/2019/CVE-2019-10761.md
+++ b/2019/CVE-2019-10761.md
@ -16,4 +16,5 @@ This affects the package vm2 before 3.6.11. It is possible to trigger a RangeErr
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ossf-cve-benchmark/CVE-2019-10761
+- https://github.com/w181496/Web-CTF-Cheatsheet

--- a/2019/CVE-2019-11708.md
+++ b/2019/CVE-2019-11708.md
@ -58,6 +58,7 @@ Insufficient vetting of parameters passed with the Prompt:Open IPC message betwe
 - https://github.com/m1ghtym0/browser-pwn
 - https://github.com/password520/Penetration_PoC
 - https://github.com/pentration/gongkaishouji
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/weeka10/-hktalent-TOP
 - https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
 - https://github.com/xuetusummer/Penetration_Testing_POC
--- a/2019/CVE-2019-12402.md
+++ b/2019/CVE-2019-12402.md
@ -23,4 +23,5 @@ The file name encoding algorithm used internally in Apache Commons Compress 1.15
 - https://github.com/Anonymous-Phunter/PHunter
 - https://github.com/CGCL-codes/PHunter
 - https://github.com/LibHunter/LibHunter
+- https://github.com/jensdietrich/xshady-release

--- a/2019/CVE-2019-9810.md
+++ b/2019/CVE-2019-9810.md
@ -47,6 +47,7 @@ Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice
 - https://github.com/lp008/Hack-readme
 - https://github.com/m1ghtym0/browser-pwn
 - https://github.com/mgaudet/SpiderMonkeyBibliography
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/tunnelshade/cve-2019-11707
 - https://github.com/vintagesucks/awesome-stars
 - https://github.com/weeka10/-hktalent-TOP
--- a/2020/CVE-2020-13937.md
+++ b/2020/CVE-2020-13937.md
@ -40,6 +40,7 @@ No PoCs from references.
 - https://github.com/merlinepedra/nuclei-templates
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/openx-org/BLEN
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/sobinge/nuclei-templates
 - https://github.com/soosmile/POC
 - https://github.com/trganda/starrlist
--- a/2020/CVE-2020-17518.md
+++ b/2020/CVE-2020-17518.md
@ -52,6 +52,7 @@ No PoCs from references.
 - https://github.com/pen4uin/awesome-vulnerability-research
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/rakjong/Flink-CVE-2020-17518-getshell
 - https://github.com/sobinge/nuclei-templates
 - https://github.com/soosmile/POC
--- a/2020/CVE-2020-17519.md
+++ b/2020/CVE-2020-17519.md
@ -87,6 +87,7 @@ A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as
 - https://github.com/pen4uin/awesome-vulnerability-research
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/radbsie/CVE-2020-17519-Exp
 - https://github.com/revanmalang/OSCP
 - https://github.com/shanyuhe/YesPoc
--- a/2021/CVE-2021-23449.md
+++ b/2021/CVE-2021-23449.md
@ -13,5 +13,5 @@ This affects the package vm2 before 3.9.4 via a Prototype Pollution attack vecto
 - https://snyk.io/vuln/SNYK-JS-VM2-1585918

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/w181496/Web-CTF-Cheatsheet

--- a/2021/CVE-2021-24086.md
+++ b/2021/CVE-2021-24086.md
@ -59,6 +59,7 @@ Windows TCP/IP Denial of Service Vulnerability
 - https://github.com/lisinan988/CVE-2021-24086-exp
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/secdev/awesome-scapy
 - https://github.com/soosmile/POC
 - https://github.com/trhacknon/Pocingit
--- a/2021/CVE-2021-25642.md
+++ b/2021/CVE-2021-25642.md
@ -22,6 +22,7 @@ No PoCs from references.
 - https://github.com/karimhabush/cyberowl
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/safe3s/CVE-2021-25642
 - https://github.com/trhacknon/Pocingit
 - https://github.com/whoforget/CVE-POC
--- a/2021/CVE-2021-25646.md
+++ b/2021/CVE-2021-25646.md
@ -73,6 +73,7 @@ Apache Druid includes the ability to execute user-provided JavaScript code embed
 - https://github.com/pen4uin/awesome-vulnerability-research
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/sobinge/nuclei-templates
 - https://github.com/soosmile/POC
 - https://github.com/trhacknon/Pocingit
--- a/2021/CVE-2021-28476.md
+++ b/2021/CVE-2021-28476.md
@ -63,6 +63,7 @@ Windows Hyper-V Remote Code Execution Vulnerability
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/r0eXpeR/supplier
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/soosmile/POC
 - https://github.com/trhacknon/Pocingit
 - https://github.com/whoforget/CVE-POC
--- a/2021/CVE-2021-31166.md
+++ b/2021/CVE-2021-31166.md
@ -66,6 +66,7 @@ HTTP Protocol Stack Remote Code Execution Vulnerability
 - https://github.com/p0dalirius/CVE-2022-21907-http.sys
 - https://github.com/pathcl/oldnews
 - https://github.com/r0eXpeR/supplier
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/soosmile/POC
 - https://github.com/stalker3343/diplom
 - https://github.com/trganda/starrlist
--- a/2021/CVE-2021-32537.md
+++ b/2021/CVE-2021-32537.md
@ -20,6 +20,7 @@ Realtek HAD contains a driver crashed vulnerability which allows local side atta
 - https://github.com/SYRTI/POC_to_review
 - https://github.com/WhooAmii/POC_to_review
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/soosmile/POC
 - https://github.com/trhacknon/Pocingit
 - https://github.com/zecool/cve
--- a/2021/CVE-2021-36749.md
+++ b/2021/CVE-2021-36749.md
@ -46,6 +46,7 @@ No PoCs from references.
 - https://github.com/pen4uin/awesome-vulnerability-research
 - https://github.com/pen4uin/vulnerability-research
 - https://github.com/pen4uin/vulnerability-research-list
+- https://github.com/qiuluo-oss/Tiger
 - https://github.com/sma11new/PocList
 - https://github.com/soosmile/POC
 - https://github.com/soryecker/HScan
--- a/2021/CVE-2021-44228.md
+++ b/2021/CVE-2021-44228.md
@ -938,6 +938,7 @@ Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12
 - https://github.com/jeffbryner/log4j-docker-vaccine
 - https://github.com/jeffli1024/log4j-rce-test
 - https://github.com/jenriquezv/OSCP-Cheat-Sheets-AD
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/jeremyrsellars/CVE-2021-44228_scanner
 - https://github.com/jfrog/jfrog-cli-plugins-reg
 - https://github.com/jfrog/log4j-tools
--- a/2022/CVE-2022-0847.md
+++ b/2022/CVE-2022-0847.md
@ -50,6 +50,7 @@ A flaw was found in the way the "flags" member of the new pipe buffer structure
 - https://github.com/BlizzardEternity/CVE-2022-0847
 - https://github.com/BlizzardEternity/DirtyPipe-Android
 - https://github.com/BlizzardEternity/dirtypipez-exploit
+- https://github.com/CPT-Jack-A-Castle/CVE-2022-0847
 - https://github.com/CVEDB/PoC-List
 - https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/CVEDB/top
--- a/2022/CVE-2022-1509.md
+++ b/2022/CVE-2022-1509.md
@ -1,11 +1,11 @@
 ### [CVE-2022-1509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1509)
 ![](https://img.shields.io/static/v1?label=Product&message=hestiacp%2Fhestiacp&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=%3C%201.5.12%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%201.5.12%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-77%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20a%20Command&color=brighgreen)

 ### Description

-Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.
+Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context.

 ### POC

--- a/2022/CVE-2022-22965.md
+++ b/2022/CVE-2022-22965.md
@ -303,6 +303,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t
 - https://github.com/talentsec/SpringShell
 - https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-CachedintrospectionResults-Rce
 - https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce
+- https://github.com/te5t321/Spring4Shell-CVE-2022-22965.py
 - https://github.com/teresaweber685/book_list
 - https://github.com/test502git/awvs14-scan
 - https://github.com/thenurhabib/s4sScanner
--- a/2022/CVE-2022-27646.md
+++ b/2022/CVE-2022-27646.md
@ -14,4 +14,5 @@ No PoCs from references.

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/cyber-defence-campus/morion

--- a/2022/CVE-2022-28281.md
+++ b/2022/CVE-2022-28281.md
@ -27,6 +27,7 @@ No PoCs from references.
 - https://github.com/lions2012/Penetration_Testing_POC
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/rookiemagnum/rookiemagnum
 - https://github.com/trhacknon/Pocingit
 - https://github.com/whoforget/CVE-POC
 - https://github.com/xuetusummer/Penetration_Testing_POC
--- a/2022/CVE-2022-29464.md
+++ b/2022/CVE-2022-29464.md
@ -45,6 +45,7 @@ Certain WSO2 products allow unrestricted file upload with resultant remote code
 - https://github.com/Loginsoft-LLC/Linux-Exploit-Detection
 - https://github.com/Loginsoft-Research/Linux-Exploit-Detection
 - https://github.com/Miraitowa70/POC-Notes
+- https://github.com/N3rdyN3xus/CVE-2022-29464
 - https://github.com/NaInSec/CVE-PoC-in-GitHub
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
--- a/2022/CVE-2022-38749.md
+++ b/2022/CVE-2022-38749.md
@ -18,6 +18,7 @@ Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Ser
 - https://github.com/NicheToolkit/rest-toolkit
 - https://github.com/danielps99/startquarkus
 - https://github.com/fernandoreb/dependency-check-springboot
+- https://github.com/jensdietrich/xshady-release
 - https://github.com/mosaic-hgw/WildFly
 - https://github.com/scordero1234/java_sec_demo-main
 - https://github.com/sr-monika/sprint-rest
--- a/2022/CVE-2022-44849.md
+++ b/2022/CVE-2022-44849.md
@ -0,0 +1,17 @@
+### [CVE-2022-44849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44849)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account.
+
+### POC
+
+#### Reference
+- https://gitee.com/MetInfo_1/MetInfo/issues/I5YM81?from=project-issue
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2022/CVE-2022-4539.md
+++ b/2022/CVE-2022-4539.md
@ -0,0 +1,17 @@
+### [CVE-2022-4539](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4539)
+![](https://img.shields.io/static/v1?label=Product&message=Web%20Application%20Firewall%20%E2%80%93%20website%20security&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.1.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-348%20Use%20of%20Less%20Trusted%20Source&color=brighgreen)
+
+### Description
+
+The Web Application Firewall plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 2.1.2. This is due to insufficient restrictions on where the IP Address information is being retrieved for request logging and login restrictions. Attackers can supply the X-Forwarded-For header with with a different IP Address that will be logged and can be used to bypass settings that may have blocked out an IP address or country from logging in.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2022/CVE-2022-47986.md
+++ b/2022/CVE-2022-47986.md
@ -24,6 +24,7 @@ IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker
 - https://github.com/mauricelambert/CVE-2022-47986
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/ohnonoyesyes/CVE-2022-47986
+- https://github.com/ramimac/aws-customer-security-incidents
 - https://github.com/whoforget/CVE-POC
 - https://github.com/youwizard/CVE-POC

--- a/2023/CVE-2023-23488.md
+++ b/2023/CVE-2023-23488.md
@ -27,6 +27,7 @@ The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an un
 - https://github.com/huyqa/Paid-Memberships-Pro-v2.9.8-WordPress-Plugin---Unauthenticated-SQL-Injection
 - https://github.com/huyqa/Paid-Memberships-Pro-v2.9.8-WordPress-Plugin-Unauthenticated-SQL-Injection
 - https://github.com/k0mi-tg/CVE-POC
+- https://github.com/long-rookie/CVE-2023-23488-PoC
 - https://github.com/manas3c/CVE-POC
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/r3nt0n/CVE-2023-23488-PoC
--- a/2023/CVE-2023-29199.md
+++ b/2023/CVE-2023-29199.md
@ -19,4 +19,5 @@ There exists a vulnerability in source code transformer (exception sanitization
 - https://github.com/leesh3288/leesh3288
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/u-crew/vm2-test
+- https://github.com/w181496/Web-CTF-Cheatsheet

--- a/2023/CVE-2023-29929.md
+++ b/2023/CVE-2023-29929.md
@ -10,7 +10,7 @@ Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/YSaxon/CVE-2023-29929/

 #### Github
 - https://github.com/YSaxon/CVE-2023-29929
--- a/2023/CVE-2023-30547.md
+++ b/2023/CVE-2023-30547.md
@ -22,4 +22,5 @@ vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in mo
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/rvizx/CVE-2023-30547
 - https://github.com/user0x1337/CVE-2023-30547
+- https://github.com/w181496/Web-CTF-Cheatsheet

--- a/2023/CVE-2023-32314.md
+++ b/2023/CVE-2023-32314.md
@ -18,4 +18,5 @@ vm2 is a sandbox that can run untrusted code with Node's built-in modules. A san
 - https://github.com/giovanni-iannaccone/vm2_3.9.17
 - https://github.com/jakabakos/vm2-sandbox-escape-exploits
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/w181496/Web-CTF-Cheatsheet

--- a/2023/CVE-2023-33669.md
+++ b/2023/CVE-2023-33669.md
@ -17,4 +17,5 @@ Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the ti
 - https://github.com/DDizzzy79/Tenda-CVE
 - https://github.com/retr0reg/Tenda-Ac8v4-PoC
 - https://github.com/retr0reg/Tenda-CVE
+- https://github.com/retr0reg/tenda-ac8v4-rop

--- a/2023/CVE-2023-33670.md
+++ b/2023/CVE-2023-33670.md
@ -17,4 +17,5 @@ Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the ti
 - https://github.com/DDizzzy79/Tenda-CVE
 - https://github.com/retr0reg/Tenda-Ac8v4-PoC
 - https://github.com/retr0reg/Tenda-CVE
+- https://github.com/retr0reg/tenda-ac8v4-rop

--- a/2023/CVE-2023-33671.md
+++ b/2023/CVE-2023-33671.md
@ -17,4 +17,5 @@ Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the de
 - https://github.com/DDizzzy79/Tenda-CVE
 - https://github.com/retr0reg/Tenda-Ac8v4-PoC
 - https://github.com/retr0reg/Tenda-CVE
+- https://github.com/retr0reg/tenda-ac8v4-rop

--- a/2023/CVE-2023-33672.md
+++ b/2023/CVE-2023-33672.md
@ -17,4 +17,5 @@ Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the sh
 - https://github.com/DDizzzy79/Tenda-CVE
 - https://github.com/retr0reg/Tenda-Ac8v4-PoC
 - https://github.com/retr0reg/Tenda-CVE
+- https://github.com/retr0reg/tenda-ac8v4-rop

--- a/2023/CVE-2023-33673.md
+++ b/2023/CVE-2023-33673.md
@ -17,4 +17,5 @@ Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the fi
 - https://github.com/DDizzzy79/Tenda-CVE
 - https://github.com/retr0reg/Tenda-Ac8v4-PoC
 - https://github.com/retr0reg/Tenda-CVE
+- https://github.com/retr0reg/tenda-ac8v4-rop

--- a/2023/CVE-2023-33675.md
+++ b/2023/CVE-2023-33675.md
@ -17,4 +17,5 @@ Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the ti
 - https://github.com/DDizzzy79/Tenda-CVE
 - https://github.com/retr0reg/Tenda-Ac8v4-PoC
 - https://github.com/retr0reg/Tenda-CVE
+- https://github.com/retr0reg/tenda-ac8v4-rop

--- a/2023/CVE-2023-37466.md
+++ b/2023/CVE-2023-37466.md
@ -14,4 +14,5 @@ vm2 is an advanced vm/sandbox for Node.js. The library contains critical securit

 #### Github
 - https://github.com/OrenGitHub/dhscanner
+- https://github.com/w181496/Web-CTF-Cheatsheet

--- a/2023/CVE-2023-48795.md
+++ b/2023/CVE-2023-48795.md
@ -31,5 +31,6 @@ The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH bef
 - https://github.com/nics-tw/sbom2vans
 - https://github.com/rgl/openssh-server-windows-vagrant
 - https://github.com/salmankhan-prs/Go-Good-First-issue
+- https://github.com/tanjiti/sec_profile
 - https://github.com/testing-felickz/docker-scout-demo

--- a/2024/CVE-2024-0226.md
+++ b/2024/CVE-2024-0226.md
@ -1,7 +1,7 @@
 ### [CVE-2024-0226](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0226)
 ![](https://img.shields.io/static/v1?label=Product&message=Seeker&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=0%3C%202023.12.0%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)

 ### Description

--- a/2024/CVE-2024-0421.md
+++ b/2024/CVE-2024-0421.md
@ -1,11 +1,11 @@
 ### [CVE-2024-0421](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0421)
 ![](https://img.shields.io/static/v1?label=Product&message=MapPress%20Maps%20for%20WordPress&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.88.16%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-639%20Authorization%20Bypass%20Through%20User-Controlled%20Key&color=brighgreen)

 ### Description

-The MapPress Maps for WordPress plugin before 2.88.16 does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.
+The MapPress Maps for WordPress plugin before 2.88.16 is affected by an IDOR as it does not ensure that posts to be retrieve via an AJAX action is a public map, allowing unauthenticated users to read arbitrary private and draft posts.

 ### POC

--- a/2024/CVE-2024-0881.md
+++ b/2024/CVE-2024-0881.md
@ -1,11 +1,11 @@
 ### [CVE-2024-0881](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0881)
-![](https://img.shields.io/static/v1?label=Product&message=Post%20Grid%2C%20Form%20Maker%2C%20Popup%20Maker%2C%20WooCommerce%20Blocks%2C%20Post%20Blocks%2C%20Post%20Carousel%20&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Post%20Grid%2C%20Form%20Maker%2C%20Popup%20Maker%2C%20WooCommerce%20Blocks%2C%20Post%20Blocks%2C%20Post%20Carousel&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=0%3C%202.2.76%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Control&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Improper%20Access%20Control&color=brighgreen)

 ### Description

-The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel  WordPress plugin before 2.2.76 does not prevent password protected posts from being displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts
+The Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel  WordPress plugin before 2.2.76 does not have proper authorization, resulting in password protected posts to be displayed in the result of some unauthenticated AJAX actions, allowing unauthenticated users to read such posts

 ### POC

--- a/2024/CVE-2024-1076.md
+++ b/2024/CVE-2024-1076.md
@ -1,11 +1,11 @@
 ### [CVE-2024-1076](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1076)
-![](https://img.shields.io/static/v1?label=Product&message=SSL%20Zen%20&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=SSL%20Zen&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=0%3C%204.6.0%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-287%20Improper%20Authentication&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-548%20Exposure%20of%20Information%20Through%20Directory%20Listing&color=brighgreen)

 ### Description

-The SSL Zen  WordPress plugin before 4.6.0 only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX.
+The SSL Zen  WordPress plugin before 4.6.0 does not properly prevent directory listing of the private keys folder, as it only relies on the use of .htaccess to prevent visitors from accessing the site's generated private keys, which allows an attacker to read them if the site runs on a server who doesn't support .htaccess files, like NGINX.

 ### POC

--- a/2024/CVE-2024-22263.md
+++ b/2024/CVE-2024-22263.md
@ -13,6 +13,7 @@ Spring Cloud Data Flow is a microservices-based Streaming and Batch data process
 No PoCs from references.

 #### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/tanjiti/sec_profile

--- a/2024/CVE-2024-2694.md
+++ b/2024/CVE-2024-2694.md
@ -0,0 +1,18 @@
+### [CVE-2024-2694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2694)
+![](https://img.shields.io/static/v1?label=Product&message=Betheme&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%2027.5.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-502%20Deserialization%20of%20Untrusted%20Data&color=brighgreen)
+
+### Description
+
+The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 27.5.6 via deserialization of untrusted input of the 'mfn-page-items' post meta value. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-27198.md
+++ b/2024/CVE-2024-27198.md
@ -10,7 +10,7 @@ In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform
 ### POC

 #### Reference
-No PoCs from references.
+- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive

 #### Github
 - https://github.com/0xMarcio/cve
--- a/2024/CVE-2024-27199.md
+++ b/2024/CVE-2024-27199.md
@ -10,7 +10,7 @@ In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limite
 ### POC

 #### Reference
-No PoCs from references.
+- https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive

 #### Github
 - https://github.com/0xMarcio/cve
--- a/2024/CVE-2024-30188.md
+++ b/2024/CVE-2024-30188.md
@ -0,0 +1,17 @@
+### [CVE-2024-30188](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30188)
+![](https://img.shields.io/static/v1?label=Product&message=Apache%20DolphinScheduler&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=3.1.0%3C%203.2.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%20Improper%20Input%20Validation&color=brighgreen)
+
+### Description
+
+File read and write vulnerability in Apache DolphinScheduler ,  authenticated users can illegally access additional resource files.This issue affects Apache DolphinScheduler: from 3.1.0 before 3.2.2.Users are recommended to upgrade to version 3.2.2, which fixes the issue.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
+
--- a/2024/CVE-2024-36412.md
+++ b/2024/CVE-2024-36412.md
@ -13,6 +13,7 @@ SuiteCRM is an open-source Customer Relationship Management (CRM) software appli
 No PoCs from references.

 #### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/wy876/POC
 - https://github.com/wy876/wiki

--- a/2024/CVE-2024-37084.md
+++ b/2024/CVE-2024-37084.md
@ -13,5 +13,6 @@ In Spring Cloud Data Flow versions prior to 2.11.4,  a malicious user who has
 No PoCs from references.

 #### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-38856.md
+++ b/2024/CVE-2024-38856.md
@ -14,6 +14,7 @@ No PoCs from references.

 #### Github
 - https://github.com/20142995/nuclei-templates
+- https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/Ostorlab/KEV
 - https://github.com/RacerZ-fighting/CVE-2024-32113-POC
 - https://github.com/RacerZ-fighting/RacerZ-fighting
--- a/2024/CVE-2024-38869.md
+++ b/2024/CVE-2024-38869.md
@ -1,14 +1,11 @@
 ### [CVE-2024-38869](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38869)
-![](https://img.shields.io/static/v1?label=Product&message=ServiceDesk%20Plus%20MSP&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=ServiceDesk%20Plus&color=blue)
-![](https://img.shields.io/static/v1?label=Product&message=SupportCenter%20Plus&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%2014800%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%2014810%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20(XSS%20or%20'Cross-site%20Scripting')&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Product&message=Endpoint%20Central&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%2011.3.2416.04%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Incorrect%20Authorization&color=brighgreen)

 ### Description

-An Stored Cross-site Scripting vulnerability affects Zohocorp ManageEngine ServiceDesk Plus, ServiceDesk Plus MSP and SupportCenter Plus.This issue affects ServiceDesk Plus versions: through 14810; ServiceDesk Plus MSP: through 14800; SupportCenter Plus: through 14800.
+Zohocorp ManageEngine Endpoint Central affected by Incorrect authorization vulnerability in remote office deploy configurations.This issue affects Endpoint Central: before 11.3.2416.04 and before 11.3.2400.25.

 ### POC

--- a/2024/CVE-2024-39705.md
+++ b/2024/CVE-2024-39705.md
@ -11,6 +11,7 @@ NLTK through 3.8.1 allows remote code execution if untrusted packages have pickl

 #### Reference
 - https://github.com/nltk/nltk/issues/3266
+- https://www.vicarius.io/vsociety/posts/rce-in-python-nltk-cve-2024-39705-39706

 #### Github
 No PoCs found on GitHub currently.
--- a/2024/CVE-2024-39930.md
+++ b/2024/CVE-2024-39930.md
@ -0,0 +1,17 @@
+### [CVE-2024-39930](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39930)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.
+
+### POC
+
+#### Reference
+- https://www.vicarius.io/vsociety/posts/argument-injection-in-gogs-ssh-server-cve-2024-39930
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-3998.md
+++ b/2024/CVE-2024-3998.md
@ -0,0 +1,18 @@
+### [CVE-2024-3998](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3998)
+![](https://img.shields.io/static/v1?label=Product&message=Betheme&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%2027.5.6%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 27.5.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-4146.md
+++ b/2024/CVE-2024-4146.md
@ -1,11 +1,11 @@
 ### [CVE-2024-4146](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4146)
 ![](https://img.shields.io/static/v1?label=Product&message=lunary-ai%2Flunary&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%201.2.26%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-285%20Improper%20Authorization&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%20Incorrect%20Authorization&color=brighgreen)

 ### Description

-In lunary-ai/lunary version v1.2.13, an improper authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the `checkProjectAccess` method within the authorization middleware, which fails to adequately verify if a user has the correct permissions to access a specific project. Instead, it only checks if the user is part of the organization owning the project, overlooking the necessary check against the `account_project` table for explicit project access rights. This flaw enables attackers to gain complete control over all resources within a project, including the ability to create, update, read, and delete any resource, compromising the privacy and security of sensitive information.
+In lunary-ai/lunary version v1.2.13, an incorrect authorization vulnerability exists that allows unauthorized users to access and manipulate projects within an organization they should not have access to. Specifically, the vulnerability is located in the `checkProjectAccess` method within the authorization middleware, which fails to adequately verify if a user has the correct permissions to access a specific project. Instead, it only checks if the user is part of the organization owning the project, overlooking the necessary check against the `account_project` table for explicit project access rights. This flaw enables attackers to gain complete control over all resources within a project, including the ability to create, update, read, and delete any resource, compromising the privacy and security of sensitive information.

 ### POC

--- a/2024/CVE-2024-43044.md
+++ b/2024/CVE-2024-43044.md
@ -13,6 +13,7 @@ Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to rea
 No PoCs from references.

 #### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
 - https://github.com/Ostorlab/KEV
 - https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2024/CVE-2024-4401.md
+++ b/2024/CVE-2024-4401.md
@ -0,0 +1,18 @@
+### [CVE-2024-4401](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4401)
+![](https://img.shields.io/static/v1?label=Product&message=Elementor%20Addon%20Elements&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.13.5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ and 'eae_slider_animation' parameters in all versions up to, and including, 1.13.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-44916.md
+++ b/2024/CVE-2024-44916.md
@ -0,0 +1,17 @@
+### [CVE-2024-44916](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44916)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-44918.md
+++ b/2024/CVE-2024-44918.md
@ -0,0 +1,17 @@
+### [CVE-2024-44918](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44918)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A cross-site scripting (XSS) vulnerability in the component admin_datarelate.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-45047.md
+++ b/2024/CVE-2024-45047.md
@ -0,0 +1,17 @@
+### [CVE-2024-45047](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45047)
+![](https://img.shields.io/static/v1?label=Product&message=svelte&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%204.2.19%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+svelte performance oriented web framework. A potential mXSS vulnerability exists in Svelte for versions up to but not including 4.2.19. Svelte improperly escapes HTML on server-side rendering. The assumption is that attributes will always stay as such, but in some situation the final DOM tree rendered on browsers is different from what Svelte expects on server-side rendering. This may be leveraged to perform XSS attacks, and a type of the XSS is known as mXSS (mutation XSS). More specifically, this can occur when injecting malicious content into an attribute within a `noscript` tag. This issue has been addressed in release version 4.2.19. Users are advised to upgrade. There are no known workarounds for this vulnerability.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-4872.md
+++ b/2024/CVE-2024-4872.md
@ -1,7 +1,7 @@
 ### [CVE-2024-4872](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4872)
 ![](https://img.shields.io/static/v1?label=Product&message=MicroSCADA%20SYS600&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=10.0%3C%3D%2010.5%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

 ### Description

--- a/2024/CVE-2024-5024.md
+++ b/2024/CVE-2024-5024.md
@ -0,0 +1,18 @@
+### [CVE-2024-5024](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5024)
+![](https://img.shields.io/static/v1?label=Product&message=Memberpress&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%201.11.29%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Memberpress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mepr_screenname' and 'mepr_key' parameter in all versions up to, and including, 1.11.29 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-5061.md
+++ b/2024/CVE-2024-5061.md
@ -0,0 +1,18 @@
+### [CVE-2024-5061](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5061)
+![](https://img.shields.io/static/v1?label=Product&message=Enfold%20-%20Responsive%20Multi-Purpose%20Theme&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%206.0.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The Enfold - Responsive Multi-Purpose Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wrapper_class’ and 'class' parameters in all versions up to, and including, 6.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-5651.md
+++ b/2024/CVE-2024-5651.md
@ -5,7 +5,7 @@

 ### Description

-A flaw was found in fence agents that rely on SSH/Telnet. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.
+A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution (RCE) primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a specially crafted FenceAgentsRemediation for a fence agent supporting  --ssh-path/--telnet-path arguments to execute arbitrary commands on the operator's pod. This RCE leads to a privilege escalation, first as the service account running the operator, then to another service account with cluster-admin privileges.

 ### POC

--- a/2024/CVE-2024-5784.md
+++ b/2024/CVE-2024-5784.md
@ -0,0 +1,18 @@
+### [CVE-2024-5784](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5784)
+![](https://img.shields.io/static/v1?label=Product&message=Tutor%20LMS%20Pro&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%202.7.2%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-862%20Missing%20Authorization&color=brighgreen)
+
+### Description
+
+The Tutor LMS  Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treport_quiz_atttempt_delete and tutor_gc_class_action in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with the subscriber-level access and above, to preform an administrative actions on the site, like comments, posts or users deletion, viewing notifications, etc.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-5847.md
+++ b/2024/CVE-2024-5847.md
@ -0,0 +1,17 @@
+### [CVE-2024-5847](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5847)
+![](https://img.shields.io/static/v1?label=Product&message=Chrome&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=126.0.6478.54%3C%20126.0.6478.54%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Use%20after%20free&color=brighgreen)
+
+### Description
+
+Use after free in PDFium in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)
+
+### POC
+
+#### Reference
+- https://issues.chromium.org/issues/341313077
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2024/CVE-2024-5879.md
+++ b/2024/CVE-2024-5879.md
@ -0,0 +1,18 @@
+### [CVE-2024-5879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5879)
+![](https://img.shields.io/static/v1?label=Product&message=HubSpot%20%E2%80%93%20CRM%2C%20Email%20Marketing%2C%20Live%20Chat%2C%20Forms%20%26%20Analytics&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=*%3C%3D%2011.1.22%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute of the HubSpot Meeting Widget in all versions up to, and including, 11.1.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
+
--- a/2024/CVE-2024-6204.md
+++ b/2024/CVE-2024-6204.md
@ -0,0 +1,17 @@
+### [CVE-2024-6204](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6204)
+![](https://img.shields.io/static/v1?label=Product&message=Exchange%20Reporter%20Plus&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%205715%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20SQL%20Command%20('SQL%20Injection')&color=brighgreen)
+
+### Description
+
+Zohocorp ManageEngine Exchange Reporter Plus versions before 5715 are vulnerable to SQL Injection in the reports module.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-6227.md
+++ b/2024/CVE-2024-6227.md
@ -1,11 +1,11 @@
 ### [CVE-2024-6227](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6227)
 ![](https://img.shields.io/static/v1?label=Product&message=aimhubio%2Faim&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%3D%20latest%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-400%20Uncontrolled%20Resource%20Consumption&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-835%20Loop%20with%20Unreachable%20Exit%20Condition%20('Infinite%20Loop')&color=brighgreen)

 ### Description

-A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause a denial of service by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.
+A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.

 ### POC

--- a/2024/CVE-2024-6255.md
+++ b/2024/CVE-2024-6255.md
@ -1,7 +1,7 @@
 ### [CVE-2024-6255](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6255)
 ![](https://img.shields.io/static/v1?label=Product&message=gaizhenbiao%2Fchuanhuchatgpt&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%3D%20latest%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-73%20External%20Control%20of%20File%20Name%20or%20Path&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brighgreen)

 ### Description

--- a/2024/CVE-2024-6331.md
+++ b/2024/CVE-2024-6331.md
@ -1,7 +1,7 @@
 ### [CVE-2024-6331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6331)
 ![](https://img.shields.io/static/v1?label=Product&message=stitionai%2Fdevika&color=blue)
 ![](https://img.shields.io/static/v1?label=Version&message=unspecified%3C%3D%20latest%20&color=brighgreen)
-![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200%20Exposure%20of%20Sensitive%20Information%20to%20an%20Unauthorized%20Actor&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-74%20Improper%20Neutralization%20of%20Special%20Elements%20in%20Output%20Used%20by%20a%20Downstream%20Component%20('Injection')&color=brighgreen)

 ### Description

--- a/2024/CVE-2024-6670.md
+++ b/2024/CVE-2024-6670.md
@ -14,4 +14,5 @@ No PoCs from references.

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
+- https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-6783.md
+++ b/2024/CVE-2024-6783.md
@ -10,6 +10,7 @@ A vulnerability has been discovered in Vue, that allows an attacker to perform X
 ### POC

 #### Reference
+- https://www.herodevs.com/vulnerability-directory/cve-2024-6783
 - https://www.herodevs.com/vulnerability-directory/cve-2024-6783---vue-client-side-xss

 #### Github
--- a/2024/CVE-2024-7051.md
+++ b/2024/CVE-2024-7051.md
@ -0,0 +1,17 @@
+### [CVE-2024-7051](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7051)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
+
+### Description
+
+** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-7120.md
+++ b/2024/CVE-2024-7120.md
@ -18,4 +18,5 @@ No PoCs from references.
 #### Github
 - https://github.com/Ostorlab/KEV
 - https://github.com/komodoooo/Some-things
+- https://github.com/nomi-sec/PoC-in-GitHub

--- a/2024/CVE-2024-7122.md
+++ b/2024/CVE-2024-7122.md
@ -13,5 +13,7 @@ The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7712.md
+++ b/2024/CVE-2024-7712.md
@ -0,0 +1,17 @@
+### [CVE-2024-7712](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7712)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
+
+### Description
+
+** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-7858.md
+++ b/2024/CVE-2024-7858.md
@ -13,5 +13,7 @@ The Media Library Folders plugin for WordPress is vulnerable to unauthorized acc
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-7919.md
+++ b/2024/CVE-2024-7919.md
@ -0,0 +1,17 @@
+### [CVE-2024-7919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7919)
+![](https://img.shields.io/static/v1?label=Product&message=Jieshun%20JieLink%2B%20JSOTC2016&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2020240805%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Controls&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. This issue affects some unknown processing of the file /report/ParkChargeRecord/GetDataList. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
+
--- a/2024/CVE-2024-7920.md
+++ b/2024/CVE-2024-7920.md
@ -0,0 +1,17 @@
+### [CVE-2024-7920](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7920)
+![](https://img.shields.io/static/v1?label=Product&message=Jieshun%20JieLink%2B%20JSOTC2016&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2020240805%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Controls&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as problematic, was found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805. Affected is an unknown function of the file /Report/ParkCommon/GetParkInThroughDeivces. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
+
--- a/2024/CVE-2024-7921.md
+++ b/2024/CVE-2024-7921.md
@ -0,0 +1,17 @@
+### [CVE-2024-7921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7921)
+![](https://img.shields.io/static/v1?label=Product&message=Jieshun%20JieLink%2B%20JSOTC2016&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2020240805%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-284%20Improper%20Access%20Controls&color=brighgreen)
+
+### Description
+
+A vulnerability has been found in Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /report/ParkOutRecord/GetDataList. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/Mr-xn/Penetration_Testing_POC
+
--- a/2024/CVE-2024-8016.md
+++ b/2024/CVE-2024-8016.md
@ -13,5 +13,7 @@ The Events Calendar Pro plugin for WordPress is vulnerable to PHP Object Injecti
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-8064.md
+++ b/2024/CVE-2024-8064.md
@ -0,0 +1,17 @@
+### [CVE-2024-8064](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8064)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)
+
+### Description
+
+** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-8235.md
+++ b/2024/CVE-2024-8235.md
@ -0,0 +1,21 @@
+### [CVE-2024-8235](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8235)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208%20Advanced%20Virtualization&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=NULL%20Pointer%20Dereference&color=brighgreen)
+
+### Description
+
+A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-8252.md
+++ b/2024/CVE-2024-8252.md
@ -13,5 +13,7 @@ The Clean Login plugin for WordPress is vulnerable to Local File Inclusion in al
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-8260.md
+++ b/2024/CVE-2024-8260.md
@ -0,0 +1,17 @@
+### [CVE-2024-8260](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8260)
+![](https://img.shields.io/static/v1?label=Product&message=OPA&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%20v0.68.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-294%20Authentication%20Bypass%20by%20Capture-replay&color=brighgreen)
+
+### Description
+
+A SMB force-authentication vulnerability exists in all versions of OPA for Windows prior to v0.68.0. The vulnerability exists because of improper input validation, allowing a user to pass an arbitrary SMB share instead of a Rego file as an argument to OPA CLI or to one of the OPA Go library’s functions.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2024/CVE-2024-8274.md
+++ b/2024/CVE-2024-8274.md
@ -13,5 +13,7 @@ The WP Booking Calendar plugin for WordPress is vulnerable to Reflected Cross-Si
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-8319.md
+++ b/2024/CVE-2024-8319.md
@ -13,5 +13,7 @@ The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in
 No PoCs from references.

 #### Github
+- https://github.com/20142995/nuclei-templates
+- https://github.com/cyb3r-w0lf/nuclei-template-collection
 - https://github.com/fkie-cad/nvd-json-data-feeds

--- a/2024/CVE-2024-8331.md
+++ b/2024/CVE-2024-8331.md
@ -0,0 +1,17 @@
+### [CVE-2024-8331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8331)
+![](https://img.shields.io/static/v1?label=Product&message=RapidCMS&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.3.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in OpenRapid RapidCMS up to 1.3.1. It has been classified as critical. This affects an unknown part of the file /admin/user/user-move-run.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/Show More
+++ b/Show More