admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-12T15:00:38.996511+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-12 15:03:42 +00:00
parent 1c8b3d6e53
commit c16b7abbfa
453 changed files with 6083 additions and 1298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
CVE-2020/CVE-2020-103xx/CVE-2020-10367.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-10367",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-10T23:15:04.170",
"lastModified": "2024-11-11T00:15:13.480",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory access via a \"Spectra\" attack."
},
{
"lang": "es",
"value": "Ciertos chips Cypress (y Broadcom) Wireless Combo, cuando no hay una actualizaci\u00f3n de firmware de enero de 2021, permiten el acceso a la memoria a trav\u00e9s de un ataque \"Spectra\"."
}
],
"metrics": {},

8
CVE-2020/CVE-2020-103xx/CVE-2020-10368.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-10368",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-10T23:15:04.247",
"lastModified": "2024-11-11T00:15:13.607",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow memory read access via a \"Spectra\" attack."
},
{
"lang": "es",
"value": "Ciertos chips Cypress (y Broadcom) Wireless Combo, cuando no hay una actualizaci\u00f3n de firmware de enero de 2021, permiten el acceso de lectura de memoria a trav\u00e9s de un ataque \"Spectra\"."
}
],
"metrics": {},

8
CVE-2020/CVE-2020-103xx/CVE-2020-10369.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-10369",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-10T23:15:04.307",
"lastModified": "2024-11-11T00:15:13.660",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain Cypress (and Broadcom) Wireless Combo chips, when a January 2021 firmware update is not present, allow inferences about memory content via a \"Spectra\" attack."
},
{
"lang": "es",
"value": "Ciertos chips Cypress (y Broadcom) Wireless Combo, cuando no hay una actualizaci\u00f3n de firmware de enero de 2021, permiten inferencias sobre el contenido de la memoria a trav\u00e9s de un ataque \"Spectra\"."
}
],
"metrics": {},

8
CVE-2020/CVE-2020-103xx/CVE-2020-10370.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2020-10370",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T00:15:13.707",
"lastModified": "2024-11-11T00:15:13.707",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Certain Cypress (and Broadcom) Wireless Combo chips such as CYW43455, when a 2021-01-26 Bluetooth firmware update is not present, allow a Bluetooth outage via a \"Spectra\" attack."
},
{
"lang": "es",
"value": "Ciertos chips combinados inal\u00e1mbricos Cypress (y Broadcom) como CYW43455, cuando no hay una actualizaci\u00f3n de firmware Bluetooth del 26/01/2021, permiten una interrupci\u00f3n del Bluetooth a trav\u00e9s de un ataque \"Spectra\"."
}
],
"metrics": {},

8
CVE-2021/CVE-2021-354xx/CVE-2021-35473.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-35473",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-10T23:15:04.383",
"lastModified": "2024-11-10T23:15:04.383",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in LemonLDAP::NG before 2.0.12. There is a missing expiration check in the OAuth2.0 handler, i.e., it does not verify access token validity. An attacker can use a expired access token from an OIDC client to access the OAuth2 handler The earliest affected version is 2.0.4."
},
{
"lang": "es",
"value": "Se descubri\u00f3 un problema en LemonLDAP::NG antes de la versi\u00f3n 2.0.12. Falta una comprobaci\u00f3n de caducidad en el controlador OAuth2.0, es decir, no verifica la validez del token de acceso. Un atacante puede usar un token de acceso caducado de un cliente OIDC para acceder al controlador OAuth2. La primera versi\u00f3n afectada es la 2.0.4."
}
],
"metrics": {},

8
CVE-2021/CVE-2021-417xx/CVE-2021-41737.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2021-41737",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-10T23:15:04.450",
"lastModified": "2024-11-10T23:15:04.450",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Faust 2.23.1, an input file with the lines \"// r visualisation tCst\" and \"//process = +: L: abM-^Q;\" and \"process = route(3333333333333333333,2,1,2,3,1) : *;\" leads to stack consumption."
},
{
"lang": "es",
"value": "En Faust 2.23.1, un archivo de entrada con las l\u00edneas \"// r visualisation tCst\" y \"//process = +: L: abM-^Q;\" y \"process = route(3333333333333333333,2,1,2,3,1) : *;\" conduce al consumo de la pila."
}
],
"metrics": {},

100
CVE-2023/CVE-2023-327xx/CVE-2023-32736.json Normal file
View File

@ -0,0 +1,100 @@
{
"id": "CVE-2023-32736",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-11-12T13:15:05.527",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in SIMATIC S7-PLCSIM V16 (All versions), SIMATIC S7-PLCSIM V17 (All versions), SIMATIC STEP 7 Safety V16 (All versions), SIMATIC STEP 7 Safety V17 (All versions < V17 Update 8), SIMATIC STEP 7 Safety V18 (All versions < V18 Update 5), SIMATIC STEP 7 V16 (All versions), SIMATIC STEP 7 V17 (All versions < V17 Update 8), SIMATIC STEP 7 V18 (All versions < V18 Update 5), SIMATIC WinCC Unified V16 (All versions), SIMATIC WinCC Unified V17 (All versions < V17 Update 8), SIMATIC WinCC Unified V18 (All versions < V18 Update 5), SIMATIC WinCC V16 (All versions), SIMATIC WinCC V17 (All versions < V17 Update 8), SIMATIC WinCC V18 (All versions < V18 Update 5), SIMOCODE ES V16 (All versions), SIMOCODE ES V17 (All versions < V17 Update 8), SIMOCODE ES V18 (All versions), SIMOTION SCOUT TIA V5.4 SP1 (All versions), SIMOTION SCOUT TIA V5.4 SP3 (All versions), SIMOTION SCOUT TIA V5.5 SP1 (All versions), SINAMICS Startdrive V16 (All versions), SINAMICS Startdrive V17 (All versions), SINAMICS Startdrive V18 (All versions), SIRIUS Safety ES V17 (All versions < V17 Update 8), SIRIUS Safety ES V18 (All versions), SIRIUS Soft Starter ES V17 (All versions < V17 Update 8), SIRIUS Soft Starter ES V18 (All versions), TIA Portal Cloud V16 (All versions), TIA Portal Cloud V17 (All versions < V4.6.0.1), TIA Portal Cloud V18 (All versions < V4.6.1.0). Affected products do not properly sanitize user-controllable input when parsing user settings. This could allow an attacker to cause a type confusion and execute arbitrary code within the affected application."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "productcert@siemens.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "HIGH",
"vulnerableSystemIntegrity": "HIGH",
"vulnerableSystemAvailability": "HIGH",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 7.0,
"baseSeverity": "HIGH"
}
}
],
"cvssMetricV31": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9
}
]
},
"weaknesses": [
{
"source": "productcert@siemens.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-502"
}
]
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-871035.html",
"source": "productcert@siemens.com"
}
]
}

8
CVE-2023/CVE-2023-404xx/CVE-2023-40457.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2023-40457",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-11-11T00:15:13.817",
"lastModified": "2024-11-11T00:15:13.817",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "cve@mitre.org",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The BGP daemon in Extreme Networks ExtremeXOS (aka EXOS) 30.7.1.1 allows an attacker (who is not on a directly connected network) to cause a denial of service (BGP session reset) because of BGP attribute error mishandling (for attribute 21 and 25). NOTE: the vendor disputes this because it is \"evaluating support for RFC 7606 as a future feature\" and believes that \"customers that have chosen to not require or implement RFC 7606 have done so willingly and with knowledge of what is needed to defend against these types of attacks.\""
},
{
"lang": "es",
"value": "El daemon BGP en Extreme Networks ExtremeXOS (tambi\u00e9n conocido como EXOS) 30.7.1.1 permite que un atacante (que no est\u00e1 en una red conectada directamente) provoque una denegaci\u00f3n de servicio (reinicio de sesi\u00f3n BGP) debido a un manejo incorrecto de errores de atributos BGP (para los atributos 21 y 25). NOTA: el proveedor lo niega porque est\u00e1 \"evaluando la compatibilidad con RFC 7606 como una caracter\u00edstica futura\" y cree que \"los clientes que han optado por no requerir o implementar RFC 7606 lo han hecho voluntariamente y con conocimiento de lo que se necesita para defenderse contra este tipo de ataques\"."
}
],
"metrics": {},

8
CVE-2023/CVE-2023-462xx/CVE-2023-46280.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-46280",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-05-14T16:15:40.800",
"lastModified": "2024-10-08T09:15:08.837",
"lastModified": "2024-11-12T13:15:05.960",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel."
"value": "A vulnerability has been identified in S7-PCT (All versions), Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMATIC NET PC Software V18 (All versions < V18 SP1), SIMATIC NET PC Software V19 (All versions < V19 Update 2), SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC PDM V9.2 (All versions < V9.2 SP2 Upd3), SIMATIC Route Control V9.1 (All versions < V9.1 SP2 Upd3), SIMATIC STEP 7 V5 (All versions), SIMATIC WinCC OA V3.17 (All versions), SIMATIC WinCC OA V3.18 (All versions < V3.18 P025), SIMATIC WinCC OA V3.19 (All versions < V3.19 P010), SIMATIC WinCC Runtime Advanced (All versions), SIMATIC WinCC Runtime Professional V16 (All versions < V16 Update 6), SIMATIC WinCC Runtime Professional V17 (All versions < V17 Update 8), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 4), SIMATIC WinCC Runtime Professional V19 (All versions < V19 Update 2), SIMATIC WinCC Unified PC Runtime V18 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 17), SIMATIC WinCC V8.0 (All versions < V8.0 Update 5), SINAMICS Startdrive (All versions < V19 SP1), SINEC NMS (All versions < V3.0), SINEC NMS (All versions < V3.0 SP1), SINUMERIK ONE virtual (All versions < V6.23), SINUMERIK PLC Programming Tool (All versions < V3.3.12), TIA Portal Cloud Connector (All versions < V2.0), Totally Integrated Automation Portal (TIA Portal) V15.1 (All versions), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions < V18 Update 4), Totally Integrated Automation Portal (TIA Portal) V19 (All versions < V19 Update 2). The affected applications contain an out of bounds read vulnerability. This could allow an attacker to cause a Blue Screen of Death (BSOD) crash of the underlying Windows kernel."
},
{
"lang": "es",
@ -96,6 +96,10 @@
}
],
"references": [
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-331112.html",
"source": "productcert@siemens.com"
},
{
"url": "https://cert-portal.siemens.com/productcert/html/ssa-784301.html",
"source": "productcert@siemens.com"

4
CVE-2023/CVE-2023-490xx/CVE-2023-49069.json
View File

@ -2,13 +2,13 @@
"id": "CVE-2023-49069",
"sourceIdentifier": "productcert@siemens.com",
"published": "2024-09-10T10:15:08.947",
"lastModified": "2024-10-10T15:15:14.937",
"lastModified": "2024-11-12T13:15:06.193",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been identified in Mendix Runtime V10 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions < V8.18.32 only if the basic authentication mechanism is used by the application), Mendix Runtime V9 (All versions only if the basic authentication mechanism is used by the application). The authentication mechanism of affected applications contains an observable response discrepancy vulnerability when validating usernames. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames."
"value": "A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.16.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12.7 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions < V10.6.16 only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions < V8.18.32 only if the basic authentication mechanism is used by the application), Mendix Runtime V9 (All versions < V9.24.29 only if the basic authentication mechanism is used by the application). The authentication mechanism of affected applications contains an observable response discrepancy vulnerability when validating usernames. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames."
},
{
"lang": "es",

8
CVE-2024/CVE-2024-101xx/CVE-2024-10179.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10179",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T07:15:03.377",
"lastModified": "2024-11-12T07:15:03.377",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Slickstream: Engagement and Conversions para WordPress es vulnerable a Cross Site Scripting almacenado a trav\u00e9s del c\u00f3digo abreviado slick-grid del complemento en todas las versiones hasta la 1.4.4 incluida, debido a una desinfecci\u00f3n de entrada insuficiente y al escape de salida en los atributos proporcionados por el usuario. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

4
CVE-2024/CVE-2024-102xx/CVE-2024-10245.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10245",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T10:15:04.003",
"lastModified": "2024-11-12T10:15:04.003",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

8
CVE-2024/CVE-2024-102xx/CVE-2024-10261.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10261",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T12:15:16.800",
"lastModified": "2024-11-09T12:15:16.800",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The The Paid Membership Subscriptions \u2013 Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.13.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
},
{
"lang": "es",
"value": "El complemento The Paid Membership Subscriptions \u2013 Effortless Memberships, Recurring Payments &amp; Content Restriction para WordPress es vulnerable a la ejecuci\u00f3n de c\u00f3digos cortos arbitrarios en todas las versiones hasta la 2.13.0 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10265.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10265",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-10T13:15:03.657",
"lastModified": "2024-11-10T13:15:03.657",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Form Maker by 10Web \u2013 Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.15.30. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento Form Maker by 10Web \u2013 Mobile-Friendly Drag &amp; Drop Contact Form Builder para WordPress, es vulnerable a ataques de Cross-site Scripting reflejado debido al uso de add_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.15.30 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10284.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10284",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T03:15:03.943",
"lastModified": "2024-11-09T03:15:03.943",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:54.483",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.2.0. This is due to hardcoded encryption key in the 'ce21_authentication_phrase' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email."
},
{
"lang": "es",
"value": "El complemento CE21 Suite para WordPress es vulnerable a la omisi\u00f3n de autenticaci\u00f3n en versiones hasta la 2.2.0 incluida. Esto se debe a una clave de cifrado codificada en la funci\u00f3n 'ce21_authentication_phrase'. Esto permite que atacantes no autenticados inicien sesi\u00f3n como cualquier usuario existente en el sitio, como un administrador, si tienen acceso al correo electr\u00f3nico."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10285.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10285",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T03:15:04.410",
"lastModified": "2024-11-09T03:15:04.410",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:54.483",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the plugin-log.txt in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to log in the user associated with the JWT token."
},
{
"lang": "es",
"value": "El complemento CE21 Suite para WordPress es vulnerable a la divulgaci\u00f3n de informaci\u00f3n confidencial a trav\u00e9s del archivo plugin-log.txt en versiones hasta la 2.2.0 incluida. Esto permite que atacantes no autenticados inicien sesi\u00f3n en el usuario asociado con el token JWT."
}
],
"metrics": {

8
CVE-2024/CVE-2024-102xx/CVE-2024-10294.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10294",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T03:15:04.647",
"lastModified": "2024-11-09T03:15:04.647",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:54.483",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to change plugin settings."
},
{
"lang": "es",
"value": "El complemento CE21 Suite para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n 'ce21_single_sign_on_save_api_settings' en versiones hasta la 2.2.0 incluida. Esto hace posible que atacantes no autenticados cambien la configuraci\u00f3n del complemento."
}
],
"metrics": {

10
CVE-2024/CVE-2024-103xx/CVE-2024-10314.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10314",
"sourceIdentifier": "security@puppet.com",
"published": "2024-11-11T14:15:14.190",
"lastModified": "2024-11-11T14:15:14.190",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Wi\u0119sek."
"value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified. Reported by Karol Wi?sek."
},
{
"lang": "es",
"value": "En versiones de Helix Core anteriores a 2024.2, se identific\u00f3 una denegaci\u00f3n de servicio (DoS) remota no autenticada a trav\u00e9s de la funci\u00f3n de generaci\u00f3n autom\u00e1tica. Informado por Karol Wi?sek."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10315.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10315",
"sourceIdentifier": "security@puppet.com",
"published": "2024-11-11T20:15:17.223",
"lastModified": "2024-11-11T20:15:17.223",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6"
},
{
"lang": "es",
"value": "En Gliffy Online se descubri\u00f3 una configuraci\u00f3n insegura en versiones anteriores a 4.14.0-6"
}
],
"metrics": {

4
CVE-2024/CVE-2024-103xx/CVE-2024-10323.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-10323",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T07:15:03.770",
"lastModified": "2024-11-12T07:15:03.770",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{

10
CVE-2024/CVE-2024-103xx/CVE-2024-10344.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10344",
"sourceIdentifier": "security@puppet.com",
"published": "2024-11-11T14:15:14.453",
"lastModified": "2024-11-11T14:15:14.453",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Wi\u0119sek."
"value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Wi?sek."
},
{
"lang": "es",
"value": "En versiones de Helix Core anteriores a 2024.2, se identific\u00f3 una denegaci\u00f3n de servicio (DoS) remota no autenticada a trav\u00e9s de la funci\u00f3n de rechazo. Informado por Karol Wi?sek."
}
],
"metrics": {

10
CVE-2024/CVE-2024-103xx/CVE-2024-10345.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10345",
"sourceIdentifier": "security@puppet.com",
"published": "2024-11-11T14:15:14.563",
"lastModified": "2024-11-11T14:15:14.563",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wi\u0119sek."
"value": "In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Karol Wi?sek."
},
{
"lang": "es",
"value": "En versiones de Helix Core anteriores a 2024.2, se identific\u00f3 una denegaci\u00f3n de servicio (DoS) remota no autenticada a trav\u00e9s de la funci\u00f3n de apagado. Informado por Karol Wi?sek."
}
],
"metrics": {

8
CVE-2024/CVE-2024-103xx/CVE-2024-10352.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10352",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T12:15:17.243",
"lastModified": "2024-11-09T12:15:17.243",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the get_content_type function in includes/widgets/content-reveal.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data."
},
{
"lang": "es",
"value": "El complemento Magical Addons For Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n confidencial en todas las versiones hasta la 1.2.4 incluida a trav\u00e9s de la funci\u00f3n get_content_type en features/widgets/content-reveal.php. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos confidenciales de plantillas privadas, pendientes y en borrador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-104xx/CVE-2024-10470.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10470",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T06:15:15.967",
"lastModified": "2024-11-09T06:15:15.967",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WPLMS Learning Management System for WordPress, WordPress LMS theme for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation and permissions checks in the readfile and unlink functions in all versions up to, and including, 4.962. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The theme is vulnerable even when it is not activated."
},
{
"lang": "es",
"value": "El tema WPLMS Learning Management System para WordPress, WordPress LMS para WordPress, es vulnerable a la lectura y eliminaci\u00f3n arbitraria de archivos debido a la insuficiente validaci\u00f3n de la ruta de archivo y las comprobaciones de permisos en las funciones readfile y unlink en todas las versiones hasta la 4.962 incluida. Esto hace posible que atacantes no autenticados eliminen archivos arbitrarios en el servidor, lo que puede conducir f\u00e1cilmente a la ejecuci\u00f3n remota de c\u00f3digo cuando se elimina el archivo correcto (como wp-config.php). El tema es vulnerable incluso cuando no est\u00e1 activado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-105xx/CVE-2024-10508.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10508",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T08:15:02.920",
"lastModified": "2024-11-09T08:15:02.920",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The RegistrationMagic \u2013 User Registration Plugin with Custom Registration Forms plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 6.0.2.6. This is due to the plugin not properly validating the password reset token prior to updating a user's password. This makes it possible for unauthenticated attackers to reset the password of arbitrary users, including administrators, and gain access to these accounts."
},
{
"lang": "es",
"value": "El complemento RegistrationMagic \u2013 User Registration Plugin with Custom Registration Forms para WordPress es vulnerable a la escalada de privilegios mediante la apropiaci\u00f3n de cuentas en todas las versiones hasta la 6.0.2.6 incluida. Esto se debe a que el complemento no valida correctamente el token de restablecimiento de contrase\u00f1a antes de actualizar la contrase\u00f1a de un usuario. Esto permite que atacantes no autenticados restablezcan la contrase\u00f1a de usuarios arbitrarios, incluidos los administradores, y obtengan acceso a estas cuentas."
}
],
"metrics": {

8
CVE-2024/CVE-2024-105xx/CVE-2024-10538.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10538",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T04:15:03.933",
"lastModified": "2024-11-12T04:15:03.933",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the before_label parameter in the Image Comparison widget in all versions up to, and including, 3.12.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
},
{
"lang": "es",
"value": "El complemento Happy Addons para Elementor para WordPress es vulnerable a Cross Site Scripting almacenado a trav\u00e9s del par\u00e1metro before_label en el widget Comparaci\u00f3n de im\u00e1genes en todas las versiones hasta la 3.12.5 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-105xx/CVE-2024-10547.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10547",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T08:15:03.563",
"lastModified": "2024-11-09T08:15:03.563",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.6.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento WP Membership para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n user_profile_image_upload() en todas las versiones hasta la 1.6.2 incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-105xx/CVE-2024-10586.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10586",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T03:15:04.940",
"lastModified": "2024-11-09T03:15:04.940",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:54.483",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Debug Tool plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check on the dbt_pull_image() function and missing file type validation in all versions up to, and including, 2.2. This makes it possible for unauthenticated attackers to to create arbitrary files such as .php files that can be leveraged for remote code execution."
},
{
"lang": "es",
"value": "El complemento Debug Tool para WordPress es vulnerable a la creaci\u00f3n de archivos arbitrarios debido a la falta de una comprobaci\u00f3n de capacidad en la funci\u00f3n dbt_pull_image() y la falta de validaci\u00f3n del tipo de archivo en todas las versiones hasta la 2.2 incluida. Esto hace posible que atacantes no autenticados creen archivos arbitrarios, como archivos .php, que pueden aprovecharse para la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-105xx/CVE-2024-10588.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10588",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T03:15:05.210",
"lastModified": "2024-11-09T03:15:05.210",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Debug Tool plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the info() function in all versions up to, and including, 2.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to obtain information from phpinfo(). When WP_DEBUG is enabled, this can be exploited by unauthenticated users as well."
},
{
"lang": "es",
"value": "El complemento Debug Tool para WordPress es vulnerable al acceso no autorizado a los datos debido a una comprobaci\u00f3n de capacidad faltante en la funci\u00f3n info() en todas las versiones hasta la 2.2 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, obtengan informaci\u00f3n de phpinfo(). Cuando WP_DEBUG est\u00e1 habilitado, esto tambi\u00e9n puede ser explotado por usuarios no autenticados."
}
],
"metrics": {

8
CVE-2024/CVE-2024-105xx/CVE-2024-10589.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10589",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T08:15:03.910",
"lastModified": "2024-11-09T08:15:03.910",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Leopard - WordPress Offload Media plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the import_settings() function in all versions up to, and including, 3.1.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update arbitrary options on the WordPress site. This can be leveraged to update the default role for registration to administrator and enable user registration for attackers to gain administrative user access to a vulnerable site."
},
{
"lang": "es",
"value": "El complemento Leopard - WordPress Offload Media para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos que puede provocar una escalada de privilegios debido a una falta de comprobaci\u00f3n de capacidad en la funci\u00f3n import_settings() en todas las versiones hasta la 3.1.1 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, actualicen opciones arbitrarias en el sitio de WordPress. Esto se puede aprovechar para actualizar el rol predeterminado para el registro como administrador y habilitar el registro de usuarios para que los atacantes obtengan acceso de usuario administrativo a un sitio vulnerable."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10625.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10625",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T04:15:03.393",
"lastModified": "2024-11-09T04:15:03.393",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_tmp_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
},
{
"lang": "es",
"value": "El complemento WooCommerce Support Ticket System para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo en la funci\u00f3n delete_tmp_uploaded_file() en todas las versiones hasta la 17.7 incluida. Esto hace posible que atacantes no autenticados eliminen archivos arbitrarios en el servidor, lo que puede provocar f\u00e1cilmente la ejecuci\u00f3n remota de c\u00f3digo cuando se elimina el archivo correcto (como wp-config.php)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10626.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10626",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T04:15:03.747",
"lastModified": "2024-11-09T04:15:03.747",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_uploaded_file() function in all versions up to, and including, 17.7. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
},
{
"lang": "es",
"value": "El complemento WooCommerce Support Ticket System para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo en la funci\u00f3n delete_uploaded_file() en todas las versiones hasta la 17.7 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, eliminen archivos arbitrarios en el servidor, lo que puede provocar f\u00e1cilmente la ejecuci\u00f3n remota de c\u00f3digo cuando se elimina el archivo correcto (como wp-config.php)."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10627.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10627",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T04:15:04.053",
"lastModified": "2024-11-09T04:15:04.053",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WooCommerce Support Ticket System plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to, and including, 17.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible."
},
{
"lang": "es",
"value": "El complemento WooCommerce Support Ticket System para WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n ajax_manage_file_chunk_upload() en todas las versiones hasta la 17.7 incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10640.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10640",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T12:15:17.460",
"lastModified": "2024-11-09T12:15:17.460",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The The FOX \u2013 Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
},
{
"lang": "es",
"value": "El complemento FOX \u2013 Currency Switcher Professional para WooCommerce para WordPress es vulnerable a la ejecuci\u00f3n de c\u00f3digos cortos arbitrarios en todas las versiones hasta la 1.4.2.2 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10667.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10667",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T05:15:07.640",
"lastModified": "2024-11-09T05:15:07.640",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1.5 via the [csb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to."
},
{
"lang": "es",
"value": "El complemento Content Slider Block para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 3.1.5 incluida a trav\u00e9s del c\u00f3digo corto [csb] debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones protegidas con contrase\u00f1a, privadas o en borrador a las que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10669.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10669",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T05:15:08.017",
"lastModified": "2024-11-09T05:15:08.017",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Countdown Timer block \u2013 Display the event&#039;s date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the [ctb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to."
},
{
"lang": "es",
"value": "El complemento The Countdown Timer block \u2013 Display the event's date into a timer para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.2.4 incluida a trav\u00e9s del c\u00f3digo corto [ctb] debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones protegidas con contrase\u00f1a, privadas o borradores a los que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10672.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10672",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T04:15:04.170",
"lastModified": "2024-11-12T04:15:04.170",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Multiple Page Generator Plugin \u2013 MPG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the mpg_upsert_project_source_block() function in all versions up to, and including, 4.0.2. This makes it possible for authenticated attackers, with editor-level access and above, to delete limited files on the server."
},
{
"lang": "es",
"value": "El complemento Multiple Page Generator Plugin \u2013 MPG para WordPress es vulnerable a la eliminaci\u00f3n arbitraria de archivos debido a una validaci\u00f3n insuficiente de la ruta de archivo en la funci\u00f3n mpg_upsert_project_source_block() en todas las versiones hasta la 4.0.2 incluida. Esto permite que atacantes autenticados, con acceso de nivel de editor o superior, eliminen archivos limitados en el servidor."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10673.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10673",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T04:15:04.363",
"lastModified": "2024-11-09T04:15:04.363",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Top Store theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the top_store_install_and_activate_callback() function in all versions up to, and including, 1.5.4. This makes it possible for authenticated attackers, with subscriber-level access and above, to install arbitrary plugins which can contain other exploitable vulnerabilities to elevate privileges and gain remote code execution."
},
{
"lang": "es",
"value": "El tema Top Store para WordPress es vulnerable a la instalaci\u00f3n no autorizada de complementos arbitrarios debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n top_store_install_and_activate_callback() en todas las versiones hasta la 1.5.4 incluida. Esto hace posible que atacantes autenticados, con acceso de nivel de suscriptor y superior, instalen complementos arbitrarios que pueden contener otras vulnerabilidades explotables para elevar privilegios y obtener ejecuci\u00f3n remota de c\u00f3digo."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10674.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10674",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T04:15:04.677",
"lastModified": "2024-11-09T04:15:04.677",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the th_shop_mania_install_and_activate_callback() function in all versions up to, and including, 1.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary plugins which can be leveraged to exploit other vulnerabilities and achieve remote code execution and privilege escalation."
},
{
"lang": "es",
"value": "El tema Th Shop Mania para WordPress es vulnerable a la instalaci\u00f3n no autorizada de complementos arbitrarios debido a una falta de verificaci\u00f3n de capacidad en la funci\u00f3n th_shop_mania_install_and_activate_callback() en todas las versiones hasta la 1.4.9 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, instalen complementos arbitrarios que pueden aprovecharse para explotar otras vulnerabilidades y lograr la ejecuci\u00f3n remota de c\u00f3digo y la escalada de privilegios."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10676.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10676",
"sourceIdentifier": "audit@patchstack.com",
"published": "2024-11-09T10:15:04.117",
"lastModified": "2024-11-09T10:15:04.117",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wojciech Borowicz Conversion Helper allows Reflected XSS.This issue affects Conversion Helper: from n/a through 1.12."
},
{
"lang": "es",
"value": "La vulnerabilidad de neutralizaci\u00f3n incorrecta de la entrada durante la generaci\u00f3n de p\u00e1ginas web (XSS o 'Cross-site Scripting') en Wojciech Borowicz Conversion Helper permite XSS reflejado. Este problema afecta a Conversion Helper: desde n/a hasta 1.12."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10683.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10683",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T07:15:03.523",
"lastModified": "2024-11-09T07:15:03.523",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form 7 \u2013 PayPal & Stripe Add-on plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. This is only exploitable when the leave a review notice is present in the dashboard."
},
{
"lang": "es",
"value": "El complemento Contact Form 7 \u2013 PayPal &amp; Stripe para WordPress es vulnerable a ataques Cross-Site Scripting reflejado debido al uso de add_query_arg y remove_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 2.3.1 incluida. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace. Esto solo se puede explotar cuando el aviso para dejar una rese\u00f1a est\u00e1 presente en el panel de control."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10685.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10685",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T04:15:04.410",
"lastModified": "2024-11-12T04:15:04.410",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Contact Form 7 Redirect & Thank You Page plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento Contact Form 7 Redirect &amp; Thank You Page para WordPress es vulnerable a Cross Site Scripting reflejado a trav\u00e9s del par\u00e1metro 'tab' en todas las versiones hasta la 1.0.6 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10688.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10688",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T07:15:05.720",
"lastModified": "2024-11-09T07:15:05.720",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Attesa Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.2 via the 'attesa-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to."
},
{
"lang": "es",
"value": "El complemento Attesa Extra para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.4.2 incluida a trav\u00e9s del c\u00f3digo abreviado 'attesa-template' debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones protegidas con contrase\u00f1a, privadas o borradores a las que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10693.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10693",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T04:15:04.943",
"lastModified": "2024-11-09T04:15:04.943",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SKT Addons for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.3 via the Unfold widget due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to."
},
{
"lang": "es",
"value": "El complemento SKT Addons for Elementor para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 3.3 incluida a trav\u00e9s del widget Unfold debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones privadas o borradores creadas por Elementor a las que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-106xx/CVE-2024-10695.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10695",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T04:15:04.610",
"lastModified": "2024-11-12T04:15:04.610",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Futurio Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.0.13 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts that they should not have access to."
},
{
"lang": "es",
"value": "El complemento Futurio Extra para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 2.0.13 incluida a trav\u00e9s del c\u00f3digo abreviado 'elementor-template' debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones privadas o borradores a los que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-107xx/CVE-2024-10770.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10770",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T05:15:08.277",
"lastModified": "2024-11-09T05:15:08.277",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Envo Extra plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.3 via the 'elementor-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to."
},
{
"lang": "es",
"value": "El complemento Envo Extra para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.9.3 incluida a trav\u00e9s del c\u00f3digo abreviado 'elementor-template' debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones privadas o borradores creadas por Elementor a las que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-107xx/CVE-2024-10779.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10779",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T03:15:05.507",
"lastModified": "2024-11-09T03:15:05.507",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cowidgets \u2013 Elementor Addons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.0 via the 'ce_template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to."
},
{
"lang": "es",
"value": "El complemento Cowidgets \u2013 Elementor Addons para WordPress es vulnerable a la exposici\u00f3n de informaci\u00f3n en todas las versiones hasta la 1.2.0 incluida a trav\u00e9s del c\u00f3digo abreviado 'ce_template' debido a restricciones insuficientes sobre qu\u00e9 publicaciones se pueden incluir. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, extraigan datos de publicaciones privadas o borradores creadas por Elementor a las que no deber\u00edan tener acceso."
}
],
"metrics": {

8
CVE-2024/CVE-2024-107xx/CVE-2024-10790.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10790",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-12T06:15:03.123",
"lastModified": "2024-11-12T06:15:03.123",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Admin and Site Enhancements (ASE) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 7.5.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with custom-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. This feature must be enabled, and for specific roles in order to be exploitable."
},
{
"lang": "es",
"value": "El complemento Admin and Site Enhancements (ASE) para WordPress es vulnerable a Cross Site Scripting almacenado mediante cargas de archivos SVG en todas las versiones hasta la 7.5.1 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes autenticados, con acceso de nivel personalizado y superior, inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda al archivo SVG. Esta funci\u00f3n debe estar habilitada y para roles espec\u00edficos para que sea explotable."
}
],
"metrics": {

8
CVE-2024/CVE-2024-108xx/CVE-2024-10801.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10801",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T08:15:04.260",
"lastModified": "2024-11-09T08:15:04.260",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WordPress User Extra Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ajax_manage_file_chunk_upload() function in all versions up to, and including, 16.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. User registration must be enabled for this to be exploited."
},
{
"lang": "es",
"value": "El complemento User Extra Fields de WordPress es vulnerable a la carga de archivos arbitrarios debido a la falta de validaci\u00f3n del tipo de archivo en la funci\u00f3n ajax_manage_file_chunk_upload() en todas las versiones hasta la 16.5 incluida. Esto hace posible que atacantes no autenticados carguen archivos arbitrarios en el servidor del sitio afectado, lo que puede hacer posible la ejecuci\u00f3n remota de c\u00f3digo. El registro de usuarios debe estar habilitado para que esto se pueda aprovechar."
}
],
"metrics": {

8
CVE-2024/CVE-2024-108xx/CVE-2024-10814.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10814",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T05:15:08.533",
"lastModified": "2024-11-09T05:15:08.533",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Code Embed plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.5 via the ce_get_file() function. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services."
},
{
"lang": "es",
"value": "El complemento Code Embed para WordPress es vulnerable a Server-Side Request Forgery en todas las versiones hasta la 2.5 incluida a trav\u00e9s de la funci\u00f3n ce_get_file(). Esto permite que atacantes autenticados, con acceso de nivel de colaborador y superior, realicen solicitudes web a ubicaciones arbitrarias que se originan en la aplicaci\u00f3n web y se pueden usar para consultar y modificar informaci\u00f3n de servicios internos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-108xx/CVE-2024-10837.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10837",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T13:15:04.737",
"lastModified": "2024-11-09T13:15:04.737",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The SysBasics Customize My Account for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the \u2018tab\u2019 parameter in all versions up to, and including, 2.7.29 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento SysBasics Customize My Account for WooCommerce para WordPress es vulnerable a Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro 'tab' en todas las versiones hasta la 2.7.29 incluida, debido a una desinfecci\u00f3n de entrada y un escape de salida insuficientes. Esto permite que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n, como hacer clic en un enlace."
}
],
"metrics": {

8
CVE-2024/CVE-2024-108xx/CVE-2024-10871.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10871",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T08:15:04.530",
"lastModified": "2024-11-09T08:15:04.530",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Category Ajax Filter plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.8.2 via the 'params[caf-post-layout]' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where files with a .php extension can be uploaded and included."
},
{
"lang": "es",
"value": "El complemento Category Ajax Filter para WordPress es vulnerable a la inclusi\u00f3n de archivos locales en todas las versiones hasta la 2.8.2 incluida a trav\u00e9s del par\u00e1metro 'params[caf-post-layout]'. Esto permite que atacantes no autenticados incluyan y ejecuten archivos arbitrarios en el servidor, lo que permite la ejecuci\u00f3n de cualquier c\u00f3digo PHP en esos archivos. Esto se puede utilizar para eludir los controles de acceso, obtener datos confidenciales o lograr la ejecuci\u00f3n de c\u00f3digo en casos en los que se puedan cargar e incluir archivos con una extensi\u00f3n .php."
}
],
"metrics": {

8
CVE-2024/CVE-2024-108xx/CVE-2024-10876.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10876",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-09T07:15:06.307",
"lastModified": "2024-11-09T07:15:06.307",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Charitable \u2013 Donation Plugin for WordPress \u2013 Fundraising with Recurring Donations & More plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg & remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.8.3. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."
},
{
"lang": "es",
"value": "El complemento Charitable \u2013 Donation Plugin for WordPress \u2013 Fundraising with Recurring Donations &amp; More para WordPress es vulnerable a Cross-Site Scripting reflejado debido al uso de add_query_arg y remove_query_arg sin el escape adecuado en la URL en todas las versiones hasta la 1.8.3 incluida. Esto hace posible que atacantes no autenticados inyecten secuencias de comandos web arbitrarias en p\u00e1ginas que se ejecutan si logran enga\u00f1ar a un usuario para que realice una acci\u00f3n como hacer clic en un enlace."
}
],
"metrics": {

8
CVE-2024/CVE-2024-109xx/CVE-2024-10917.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10917",
"sourceIdentifier": "emo@eclipse.org",
"published": "2024-11-11T17:15:04.203",
"lastModified": "2024-11-11T17:15:04.203",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse OpenJ9 versions up to 0.47, the JNI function GetStringUTFLength may return an incorrect value which has wrapped around. From 0.48 the value is correct but may be truncated to include a smaller number of characters."
},
{
"lang": "es",
"value": "En las versiones de Eclipse OpenJ9 hasta la 0.47, la funci\u00f3n JNI GetStringUTFLength puede devolver un valor incorrecto que se ha repetido una y otra vez. A partir de la 0.48, el valor es correcto, pero puede estar truncado para incluir una cantidad menor de caracteres."
}
],
"metrics": {

8
CVE-2024/CVE-2024-109xx/CVE-2024-10953.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10953",
"sourceIdentifier": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"published": "2024-11-09T01:15:03.427",
"lastModified": "2024-11-09T02:15:17.443",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:54.483",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications that their user is not a member of."
},
{
"lang": "es",
"value": "Un usuario autenticado de data.all puede realizar operaciones de ACTUALIZACI\u00d3N mutantes en registros de notificaci\u00f3n persistentes en data.all para notificaciones de grupo de las cuales su usuario no es miembro."
}
],
"metrics": {

8
CVE-2024/CVE-2024-109xx/CVE-2024-10958.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-10958",
"sourceIdentifier": "security@wordfence.com",
"published": "2024-11-10T13:15:03.940",
"lastModified": "2024-11-10T13:15:03.940",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes."
},
{
"lang": "es",
"value": "El complemento The WP Photo Album Plus para WordPress es vulnerable a la ejecuci\u00f3n de c\u00f3digos cortos arbitrarios mediante la acci\u00f3n AJAX getshortcodedrenderedfenodelay en todas las versiones hasta la 8.8.08.007 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acci\u00f3n que no valida correctamente un valor antes de ejecutar do_shortcode. Esto hace posible que atacantes no autenticados ejecuten c\u00f3digos cortos arbitrarios."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11016.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11016",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T07:15:04.400",
"lastModified": "2024-11-11T07:15:04.400",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents."
},
{
"lang": "es",
"value": "Webopac de Grand Vice info tiene una vulnerabilidad de inyecci\u00f3n SQL, lo que permite ataques remotos no autenticados para inyectar comandos SQL arbitrarios para leer, modificar y eliminar contenidos de bases de datos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11017.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11017",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T07:15:04.910",
"lastModified": "2024-11-11T07:15:04.910",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server."
},
{
"lang": "es",
"value": "Webopac de Grand Vice info no valida correctamente los tipos de archivos cargados, lo que permite a atacantes remotos con privilegios regulares cargar y ejecutar webshells, lo que podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11018.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11018",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T07:15:05.210",
"lastModified": "2024-11-11T07:15:05.210",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server."
},
{
"lang": "es",
"value": "Webopac de Grand Vice info no valida correctamente los tipos de archivos cargados, lo que permite que atacantes remotos no autenticados carguen y ejecuten webshells, lo que podr\u00eda conducir a la ejecuci\u00f3n de c\u00f3digo arbitrario en el servidor."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11019.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11019",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T07:15:05.517",
"lastModified": "2024-11-11T07:15:05.517",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques."
},
{
"lang": "es",
"value": "Webopac de Grand Vice info tiene una vulnerabilidad de Cross-site Scripting reflejado, que permite a atacantes remotos no autenticados ejecutar c\u00f3digo JavaScript arbitrario en el navegador del usuario a trav\u00e9s de t\u00e9cnicas de phishing."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11020.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11020",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:03.610",
"lastModified": "2024-11-11T08:15:03.610",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents."
},
{
"lang": "es",
"value": "Webopac de Grand Vice info tiene una vulnerabilidad de inyecci\u00f3n SQL, lo que permite ataques remotos no autenticados para inyectar comandos SQL arbitrarios para leer, modificar y eliminar contenidos de bases de datos."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11021.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11021",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:04.987",
"lastModified": "2024-11-11T08:15:04.987",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser."
},
{
"lang": "es",
"value": "Webopac de Grand Vice Info presenta una vulnerabilidad de Cross-site Scripting almacenado. Los atacantes remotos con privilegios normales pueden inyectar c\u00f3digo JavaScript arbitrario en el servidor. Cuando los usuarios visitan la p\u00e1gina comprometida, el c\u00f3digo se ejecuta autom\u00e1ticamente en su navegador."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11026.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11026",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-08T22:15:14.610",
"lastModified": "2024-11-08T22:15:14.610",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:54.483",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Intelligent Apps Freenow App 12.10.0 para Android. Se ha calificado como problem\u00e1tica. Este problema afecta a una funcionalidad desconocida del archivo ch/qos/logback/core/net/ssl/SSL.java del componente Keystore Handler. La manipulaci\u00f3n del argumento DEFAULT_KEYSTORE_PASSWORD con la entrada changeit conduce al uso de una contrase\u00f1a codificada. El ataque puede iniciarse de forma remota. La complejidad de un ataque es bastante alta. Se sabe que la explotaci\u00f3n es dif\u00edcil. La explotaci\u00f3n se ha divulgado al p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11046.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11046",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T03:15:03.940",
"lastModified": "2024-11-10T03:15:03.940",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical. Affected is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en D-Link DI-8003 16.07.16A1. Se ha clasificado como cr\u00edtica. La funci\u00f3n upgrade_filter_asp del archivo /upgrade_filter.asp est\u00e1 afectada. La manipulaci\u00f3n de la ruta de argumentos conduce a la inyecci\u00f3n de comandos del sistema operativo. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11047.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11047",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T04:15:15.950",
"lastModified": "2024-11-10T04:15:15.950",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipulation of the argument path leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en D-Link DI-8003 16.07.16A1. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a la funci\u00f3n upgrade_filter_asp del archivo /upgrade_filter.asp. La manipulaci\u00f3n de la ruta de argumentos provoca un desbordamiento del b\u00fafer basado en la pila. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11048.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11048",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T04:15:16.220",
"lastModified": "2024-11-10T04:15:16.220",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en D-Link DI-8003 16.07.16A1. Se ha calificado como cr\u00edtica. Este problema afecta a la funci\u00f3n dbsrv_asp del archivo /dbsrv.asp. La manipulaci\u00f3n del argumento str provoca un desbordamiento del b\u00fafer basado en la pila. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11049.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11049",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T06:15:03.390",
"lastModified": "2024-11-10T06:15:03.390",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is an unknown function of the file /auth_files/photo/ of the component Image File Handler. The manipulation leads to direct request. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en ZKTeco ZKBio Time 9.0.1. Se ve afectada una funci\u00f3n desconocida del archivo /auth_files/photo/ del componente Image File Handler. La manipulaci\u00f3n conduce a una solicitud directa. Es posible lanzar el ataque de forma remota. La complejidad de un ataque es bastante alta. Se dice que la explotabilidad es dif\u00edcil. El exploit se ha revelado al p\u00fablico y puede usarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11050.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11050",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T07:15:03.450",
"lastModified": "2024-11-10T07:15:03.450",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204 and classified as problematic. This issue affects some unknown processing of the file /language.php. The manipulation of the argument LangID/LangName/LangEName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en AMTT Hotel Broadband Operation System hasta la versi\u00f3n 3.0.3.151204 y se ha clasificado como problem\u00e1tica. Este problema afecta a algunos procesos desconocidos del archivo /language.php. La manipulaci\u00f3n del argumento LangID/LangName/LangEName provoca Cross-site Scripting. El ataque puede iniciarse de forma remota. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11051.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11051",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T08:15:03.380",
"lastModified": "2024-11-10T08:15:03.380",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in AMTT Hotel Broadband Operation System up to 3.0.3.151204. It has been classified as critical. Affected is an unknown function of the file /manager/frontdesk/online_status.php. The manipulation of the argument AccountID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en AMTT Hotel Broadband Operation System hasta la versi\u00f3n 3.0.3.151204. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo /manager/frontdesk/online_status.php. La manipulaci\u00f3n del argumento AccountID provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Se contact\u00f3 al proveedor con anticipaci\u00f3n sobre esta revelaci\u00f3n, pero no respondi\u00f3 de ninguna manera."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11054.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11054",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T10:15:03.800",
"lastModified": "2024-11-10T10:15:03.800",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:56:24.513",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The manipulation of the argument pp leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en SourceCodester Simple Music Cloud Community System 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /music/ajax.php?action=signup. La manipulaci\u00f3n del argumento pp permite la carga sin restricciones. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11055.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11055",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T15:15:13.970",
"lastModified": "2024-11-10T15:15:13.970",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. This issue affects some unknown processing of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en 1000 Projects Beauty Parlour Management System 1.0. Este problema afecta a algunos procesos desconocidos del archivo /admin/admin-profile.php. La manipulaci\u00f3n del argumento adminname conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11056.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11056",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T17:15:15.697",
"lastModified": "2024-11-10T17:15:15.697",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in Tenda AC10 16.03.10.13. Affected is the function FUN_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Tenda AC10 16.03.10.13. La funci\u00f3n FUN_0046AC38 del archivo /goform/WifiExtraSet est\u00e1 afectada. La manipulaci\u00f3n del argumento wpapsk_crypto provoca un desbordamiento del b\u00fafer basado en la pila. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11057.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11057",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T18:15:16.517",
"lastModified": "2024-11-10T18:15:16.517",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Codezips Hospital Appointment System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /removeBranchResult.php. The manipulation of the argument ID/Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Codezips Hospital Appointment System 1.0 y se ha clasificado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /removeBranchResult.php. La manipulaci\u00f3n del argumento ID/Name conduce a una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11058.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11058",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-10T23:15:04.570",
"lastModified": "2024-11-10T23:15:04.570",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in CodeAstro Real Estate Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /aboutedit.php of the component About Us Page. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en CodeAstro Real Estate Management System hasta la versi\u00f3n 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /aboutedit.php del componente About Us Page. La manipulaci\u00f3n del argumento id conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11059.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11059",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T00:15:13.957",
"lastModified": "2024-11-11T00:15:13.957",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Project Worlds Free Download Online Shopping System up to 192.168.1.88. It has been rated as critical. This issue affects some unknown processing of the file /online-shopping-webvsite-in-php-master/success.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en Project Worlds Free Download Online Shopping System hasta 192.168.1.88. Se ha calificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo /online-shopping-webvsite-in-php-master/success.php. La manipulaci\u00f3n del argumento id conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha revelado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

10
CVE-2024/CVE-2024-110xx/CVE-2024-11060.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11060",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T01:15:04.233",
"lastModified": "2024-11-11T01:15:04.233",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform \u91d1\u548c\u6570\u5b57\u5316\u667a\u80fd\u529e\u516c\u5e73\u53f0 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability classified as critical has been found in Jinher Network Collaborative Management Platform ??????????? 1.0. Affected is an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Jinher Network Collaborative Management Platform ??????????? 1.0. Se ve afectada una funci\u00f3n desconocida del archivo /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. La manipulaci\u00f3n del argumento id provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11061.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11061",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T01:15:04.523",
"lastModified": "2024-11-11T01:15:04.523",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN_0044db3c of the file /goform/fast_setting_wifi_set. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en Tenda AC10 16.03.10.13. La funci\u00f3n FUN_0044db3c del archivo /goform/fast_setting_wifi_set se ve afectada por esta vulnerabilidad. La manipulaci\u00f3n del argumento timeZone provoca un desbordamiento del b\u00fafer basado en la pila. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11062.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11062",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:05.530",
"lastModified": "2024-11-11T08:15:05.530",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo, que permite a atacantes remotos con privilegios de administrador inyectar y ejecutar comandos de sistema arbitrarios a trav\u00e9s de una funcionalidad espec\u00edfica proporcionada por SSH y Telnet."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11063.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11063",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:06.120",
"lastModified": "2024-11-11T08:15:06.120",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo, que permite a atacantes remotos con privilegios de administrador inyectar y ejecutar comandos de sistema arbitrarios a trav\u00e9s de una funcionalidad espec\u00edfica proporcionada por SSH y Telnet."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11064.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11064",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:06.653",
"lastModified": "2024-11-11T08:15:06.653",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo, que permite a atacantes remotos con privilegios de administrador inyectar y ejecutar comandos de sistema arbitrarios a trav\u00e9s de una funcionalidad espec\u00edfica proporcionada por SSH y Telnet."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11065.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11065",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:07.180",
"lastModified": "2024-11-11T08:15:07.180",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo, que permite a atacantes remotos con privilegios de administrador inyectar y ejecutar comandos de sistema arbitrarios a trav\u00e9s de una funcionalidad espec\u00edfica proporcionada por SSH y Telnet."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11066.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11066",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:07.730",
"lastModified": "2024-11-11T08:15:07.730",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web page."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de inyecci\u00f3n de comandos del sistema operativo, que permite a atacantes remotos con privilegios de administrador inyectar y ejecutar comandos de sistema arbitrarios a trav\u00e9s de la p\u00e1gina web espec\u00edfica."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11067.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11067",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:08.263",
"lastModified": "2024-11-11T08:15:08.263",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's default password is a combination of the MAC address, attackers can obtain the MAC address through this vulnerability and attempt to log in to the device using the default password."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de Path Traversal, que permite a atacantes remotos no autenticados aprovechar esta vulnerabilidad para leer archivos arbitrarios del sistema. Adem\u00e1s, dado que la contrase\u00f1a predeterminada del dispositivo es una combinaci\u00f3n de la direcci\u00f3n MAC, los atacantes pueden obtener la direcci\u00f3n MAC a trav\u00e9s de esta vulnerabilidad e intentar iniciar sesi\u00f3n en el dispositivo utilizando la contrase\u00f1a predeterminada."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11068.json
View File

@ -2,8 +2,8 @@
"id": "CVE-2024-11068",
"sourceIdentifier": "twcert@cert.org.tw",
"published": "2024-11-11T08:15:08.850",
"lastModified": "2024-11-11T08:15:08.850",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [
{
"sourceIdentifier": "twcert@cert.org.tw",
@ -16,6 +16,10 @@
{
"lang": "en",
"value": "The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user\u2019s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user\u2019s account."
},
{
"lang": "es",
"value": "El m\u00f3dem D-Link DSL6740C tiene una vulnerabilidad de uso incorrecto de API privilegiadas, que permite a atacantes remotos no autenticados modificar la contrase\u00f1a de cualquier usuario aprovechando la API, otorgando as\u00ed acceso a servicios web, SSH y Telnet utilizando la cuenta de ese usuario."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11070.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11070",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T15:15:04.863",
"lastModified": "2024-11-11T15:15:04.863",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in Sanluan PublicCMS 5.202406.d. This issue affects some unknown processing of the file /admin/cmsTagType/save of the component Tag Type Handler. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad, que se ha clasificado como problem\u00e1tica, en Sanluan PublicCMS 5.202406.d. Este problema afecta a algunos procesos desconocidos del archivo /admin/cmsTagType/save del componente Tag Type Handler. La manipulaci\u00f3n del nombre del argumento provoca Cross Site Scripting. El ataque puede iniciarse de forma remota. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11073.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11073",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T17:15:04.520",
"lastModified": "2024-11-11T17:15:04.520",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of the argument id leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como problem\u00e1tica en SourceCodester Hospital Management System 1.0. Afecta a una parte desconocida del archivo /vm/patient/delete-account.php. La manipulaci\u00f3n del argumento id conduce a una autorizaci\u00f3n incorrecta. Es posible iniciar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11074.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11074",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T18:15:14.620",
"lastModified": "2024-11-11T18:15:14.620",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0. This vulnerability affects unknown code of the file /incadd.php. The manipulation of the argument inccat/desc/date/amount leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter \"inccat\" to be affected. But it must be assumed \"desc\", \"date\", and \"amount\" are affected as well."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en itsourcecode Tailoring Management System 1.0. Esta vulnerabilidad afecta al c\u00f3digo desconocido del archivo /incadd.php. La manipulaci\u00f3n del argumento inccat/desc/date/amount provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. El aviso inicial para investigadores solo menciona que el par\u00e1metro \"inccat\" se ver\u00e1 afectado, pero se debe asumir que \"desc\", \"date\" y \"amount\" tambi\u00e9n se ver\u00e1n afectados."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11076.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11076",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T18:15:14.940",
"lastModified": "2024-11-11T18:15:14.940",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /activation.php. The manipulation of the argument e_hash leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Job Recruitment 1.0. Este problema afecta a algunos procesos desconocidos del archivo /activation.php. La manipulaci\u00f3n del argumento e_hash conduce a una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11077.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11077",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T19:15:03.660",
"lastModified": "2024-11-11T19:15:03.660",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in code-projects Job Recruitment 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument email leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Job Recruitment 1.0. Se trata de una funci\u00f3n desconocida del archivo /index.php. La manipulaci\u00f3n del argumento email provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11078.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11078",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-11T20:15:17.400",
"lastModified": "2024-11-11T20:15:17.400",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in code-projects Job Recruitment 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /register.php. The manipulation of the argument e leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en code-projects Job Recruitment 1.0 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /register.php. La manipulaci\u00f3n del argumento e conduce a Cross Site Scripting. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11079.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11079",
"sourceIdentifier": "secalert@redhat.com",
"published": "2024-11-12T00:15:15.543",
"lastModified": "2024-11-12T00:15:15.543",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en Ansible-Core. Esta vulnerabilidad permite a los atacantes eludir las protecciones de contenido inseguro mediante el objeto hostvars para hacer referencia y ejecutar contenido con plantilla. Este problema puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario si los datos remotos o las salidas de m\u00f3dulos tienen plantillas incorrectas dentro de los playbooks."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11096.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11096",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T01:15:03.607",
"lastModified": "2024-11-12T01:15:03.607",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in code-projects Task Manager 1.0. This affects an unknown part of the file /newProject.php. The manipulation of the argument projectName leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Task Manager 1.0. Afecta a una parte desconocida del archivo /newProject.php. La manipulaci\u00f3n del argumento projectName provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11097.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11097",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T02:15:17.817",
"lastModified": "2024-11-12T02:15:17.817",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in SourceCodester Student Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the component Main Menu. The manipulation leads to infinite loop. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en SourceCodester Student Record Management System 1.0 y se ha clasificado como problem\u00e1tica. Esta vulnerabilidad afecta al c\u00f3digo desconocido del componente Men\u00fa principal. La manipulaci\u00f3n provoca un bucle infinito. Es necesario realizar un ataque local. La vulnerabilidad se ha hecho p\u00fablica y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-110xx/CVE-2024-11099.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11099",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T02:15:18.123",
"lastModified": "2024-11-12T02:15:18.123",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Job Recruitment 1.0 and classified as critical. This issue affects some unknown processing of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en code-projects Job Recruitment 1.0 y se ha clasificado como cr\u00edtica. Este problema afecta a algunos procesos desconocidos del archivo /login.php. La manipulaci\u00f3n del argumento email provoca una inyecci\u00f3n SQL. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-111xx/CVE-2024-11100.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11100",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T04:15:04.823",
"lastModified": "2024-11-12T04:15:04.823",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en 1000 Projects Beauty Parlour Management System 1.0. Se ha declarado como cr\u00edtica. Esta vulnerabilidad afecta a una funcionalidad desconocida del archivo /index.php. La manipulaci\u00f3n del nombre del argumento conduce a una inyecci\u00f3n SQL. El ataque se puede ejecutar de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-111xx/CVE-2024-11101.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11101",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T04:15:05.080",
"lastModified": "2024-11-12T04:15:05.080",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/search-invoices.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en 1000 Projects Beauty Parlour Management System 1.0. Se ha clasificado como cr\u00edtica. Se ve afectada una funci\u00f3n desconocida del archivo /admin/search-invoices.php. La manipulaci\u00f3n del argumento searchdata provoca una inyecci\u00f3n SQL. Es posible lanzar el ataque de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse."
}
],
"metrics": {

8
CVE-2024/CVE-2024-111xx/CVE-2024-11102.json
View File

@ -2,13 +2,17 @@
"id": "CVE-2024-11102",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T04:15:05.340",
"lastModified": "2024-11-12T04:15:05.340",
"vulnStatus": "Received",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Hospital Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /vm/doctor/edit-doc.php. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
},
{
"lang": "es",
"value": "Se ha encontrado una vulnerabilidad en SourceCodester Hospital Management System 1.0. Se ha calificado como problem\u00e1tica. Este problema afecta a algunas funciones desconocidas del archivo /vm/doctor/edit-doc.php. La manipulaci\u00f3n del nombre del argumento provoca Cross Site Scripting. El ataque puede ejecutarse de forma remota. El exploit se ha hecho p\u00fablico y puede utilizarse. Tambi\u00e9n pueden verse afectados otros par\u00e1metros."
}
],
"metrics": {

141
CVE-2024/CVE-2024-111xx/CVE-2024-11121.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-11121",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T13:15:06.360",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this vulnerability is an unknown functionality of the file /crm/WeiXinApp/marketing/index.php?module=Users&action=getActionList. The manipulation of the argument userid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.283969",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283969",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.436675",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/4d05b8c3-5464-48f3-bb14-a852b6e70abc",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-111xx/CVE-2024-11122.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-11122",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T13:15:06.700",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, has been found in ???????????? Lingdang CRM up to 8.6.4.3. Affected by this issue is some unknown functionality of the file /crm/wechatSession/index.php?msgid=1&operation=upload. The manipulation of the argument file leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-434"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.283970",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283970",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.436676",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/8c9422c2-ecad-4471-97a2-6f8035a2ddf5",
"source": "cna@vuldb.com"
}
]
}

137
CVE-2024/CVE-2024-111xx/CVE-2024-11123.json Normal file
View File

@ -0,0 +1,137 @@
{
"id": "CVE-2024-11123",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-12T13:15:06.987",
"lastModified": "2024-11-12T13:55:21.227",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, was found in ???????????? Lingdang CRM up to 8.6.4.3. This affects an unknown part of the file /crm/data/pdf.php. The manipulation of the argument url with the input ../config.inc.php leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "NONE",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?ctiid.283971",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.283971",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.436677",
"source": "cna@vuldb.com"
},
{
"url": "https://wiki.shikangsi.com/post/share/39d736ad-73d1-49cd-a97f-59f396a58626",
"source": "cna@vuldb.com"
}
]
}

Some files were not shown because too many files have changed in this diff Show More