From 5dc18c2c8ff0533033dba965cc56e689db442d64 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 31 Jul 2024 10:00:47 +0000 Subject: [PATCH] Auto Generated cves.json [Wed Jul 31 10:00:47 UTC 2024] :robot: --- cves.json | 2 ++ cves.json-checksum.txt | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/cves.json b/cves.json index 527989e48a..e212a59394 100644 --- a/cves.json +++ b/cves.json @@ -2490,6 +2490,7 @@ {"ID":"CVE-2024-3922","Info":{"Name":"Dokan Pro \u003c= 3.10.3 - SQL Injection","Severity":"critical","Description":"The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-3922.yaml"} {"ID":"CVE-2024-39250","Info":{"Name":"EfroTech Timetrax v8.3 - Sql Injection","Severity":"high","Description":"EfroTech Timetrax v8.3 was discovered to contain an unauthenticated SQL injection vulnerability via the q parameter in the search web interface.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-39250.yaml"} {"ID":"CVE-2024-39903","Info":{"Name":"Solara \u003c1.35.1 - Local File Inclusion","Severity":"high","Description":"A Local File Inclusion (LFI) vulnerability was identified in widgetti/solara, in version \u003c1.35.1, which was fixed in version 1.35.1. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences such as '../' when serving static files. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2024/CVE-2024-39903.yaml"} +{"ID":"CVE-2024-39907","Info":{"Name":"1Panel SQL Injection - Authenticated","Severity":"critical","Description":"1Panel is a web-based linux server management control panel. There are many sql injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. These sql injections have been resolved in version 1.10.12-tls. Users are advised to upgrade. There are no known workarounds for these issues.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-39907.yaml"} {"ID":"CVE-2024-39914","Info":{"Name":"FOG Project \u003c 1.5.10.34 - Remote Command Execution","Severity":"critical","Description":"FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-39914.yaml"} {"ID":"CVE-2024-40348","Info":{"Name":"Bazarr \u003c 1.4.3 - Arbitrary File Read","Severity":"high","Description":"Bazarr 1.4.3 and earlier versions have a arbitrary file read vulnerability.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-40348.yaml"} {"ID":"CVE-2024-4040","Info":{"Name":"CrushFTP VFS - Sandbox Escape LFR","Severity":"critical","Description":"VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-4040.yaml"} @@ -2515,6 +2516,7 @@ {"ID":"CVE-2024-6205","Info":{"Name":"PayPlus Payment Gateway \u003c 6.6.9 - SQL Injection","Severity":"critical","Description":"The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-6205.yaml"} {"ID":"CVE-2024-6289","Info":{"Name":"WPS Hide Login \u003c 1.9.16.4 - Hidden Login Page Disclosure","Severity":"medium","Description":"The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6289.yaml"} {"ID":"CVE-2024-6366","Info":{"Name":"User Profile Builder \u003c 3.11.8 - File Upload","Severity":"high","Description":"The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6366.yaml"} +{"ID":"CVE-2024-6396","Info":{"Name":"Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite","Severity":"critical","Description":"A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-6396.yaml"} {"ID":"CVE-2024-6587","Info":{"Name":"LiteLLM - Server-Side Request Forgery","Severity":"high","Description":"LiteLLM vulnerable to Server-Side Request Forgery (SSRF) vulnerability Exposes OpenAI API Keys.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6587.yaml"} {"ID":"CVE-2024-6646","Info":{"Name":"Netgear-WN604 downloadFile.php - Information Disclosure","Severity":"medium","Description":"There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and password information of the wireless router, causing the router's background to be controlled. The attacker can initiate damage to the wireless network or further threaten it.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-6646.yaml"} {"ID":"CVE-2024-6746","Info":{"Name":"EasySpider 0.6.2 - Arbitrary File Read","Severity":"medium","Description":"A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \\EasySpider\\resources\\app\\server.js of the component HTTP GET Request Handler. The manipulation with the input /../../../../../../../../../Windows/win.ini leads to path traversal: '../filedir'. The attack needs to be done within the local network.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2024/CVE-2024-6746.yaml"} diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt index 95a4b89a39..699f66a1ce 100644 --- a/cves.json-checksum.txt +++ b/cves.json-checksum.txt @@ -1 +1 @@ -379d7b02d8ae7e19dec76cc7cd470aea +b69b59d70bacb648d224873b1b83419e