daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto Generated cves.json [Sun Apr 21 10:59:24 UTC 2024] 🤖

patch-1
GitHub Action 2024-04-21 10:59:24 +00:00
parent 3cdaff6061
commit 936a6a1e8a
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cves.json
View File

@ -1675,6 +1675,7 @@
{"ID":"CVE-2022-24288","Info":{"Name":"Apache Airflow OS Command Injection","Severity":"high","Description":"Apache Airflow prior to version 2.2.4 is vulnerable to OS command injection attacks because some example DAGs do not properly sanitize user-provided parameters, making them susceptible to OS Command Injection from the web UI.","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2022/CVE-2022-24288.yaml"}
{"ID":"CVE-2022-24384","Info":{"Name":"SmarterTools SmarterTrack - Cross-Site Scripting","Severity":"medium","Description":"Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-24384.yaml"}
{"ID":"CVE-2022-2462","Info":{"Name":"WordPress Transposh \u003c=1.0.8.1 - Information Disclosure","Severity":"medium","Description":"WordPress Transposh plugin through is susceptible to information disclosure via the AJAX action tp_history, which is intended to return data about who has translated a text given by the token parameter. However, the plugin also returns the user's login name as part of the user_login attribute. If an anonymous user submits the translation, the user's IP address is returned. An attacker can leak the WordPress username of translators and potentially execute other unauthorized operations.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-2462.yaml"}
{"ID":"CVE-2022-24627","Info":{"Name":"AudioCodes Device Manager Express - SQL Injection","Severity":"critical","Description":"An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the process_login.php login form.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-24627.yaml"}
{"ID":"CVE-2022-2467","Info":{"Name":"Garage Management System 1.0 - SQL Injection","Severity":"critical","Description":"Garage Management System 1.0 contains a SQL injection vulnerability in /login.php via manipulation of the argument username with input 1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-2467.yaml"}
{"ID":"CVE-2022-24681","Info":{"Name":"ManageEngine ADSelfService Plus \u003c6121 - Stored Cross-Site Scripting","Severity":"medium","Description":"ManageEngine ADSelfService Plus before 6121 contains a stored cross-site scripting vulnerability via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screens.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-24681.yaml"}
{"ID":"CVE-2022-24716","Info":{"Name":"Icinga Web 2 - Arbitrary File Disclosure","Severity":"high","Description":"Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including `icingaweb2` configuration files with database credentials.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-24716.yaml"}
@ -2334,6 +2335,7 @@
{"ID":"CVE-2024-22319","Info":{"Name":"IBM Operational Decision Manager - JNDI Injection","Severity":"critical","Description":"IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 is susceptible to remote code execution attack via JNDI injection when passing an unchecked argument to a certain API. IBM X-Force ID: 279145.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-22319.yaml"}
{"ID":"CVE-2024-22320","Info":{"Name":"IBM Operational Decision Manager - Java Deserialization","Severity":"high","Description":"IBM Operational Decision Manager 8.10.3, 8.10.4, 8.10.5.1, 8.11, 8.11.0.1, and 8.12.0.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of SYSTEM. IBM X-Force ID: 279146.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2024/CVE-2024-22320.yaml"}
{"ID":"CVE-2024-23334","Info":{"Name":"aiohttp - Directory Traversal","Severity":"high","Description":"aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-23334.yaml"}
{"ID":"CVE-2024-2389","Info":{"Name":"Progress Kemp Flowmon - Command Injection","Severity":"critical","Description":"In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-2389.yaml"}
{"ID":"CVE-2024-25600","Info":{"Name":"Unauthenticated Remote Code Execution Bricks \u003c= 1.9.6","Severity":"critical","Description":"Bricks Builder is a popular WordPress development theme with approximately 25,000 active installations. It provides an intuitive drag-and-drop interface for designing and building WordPress websites. Bricks \u003c= 1.9.6 is vulnerable to unauthenticated remote code execution (RCE) which means that anybody can run arbitrary commands and take over the site/server. This can lead to various malicious activities\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-25600.yaml"}
{"ID":"CVE-2024-25669","Info":{"Name":"CaseAware a360inc - Cross-Site Scripting","Severity":"medium","Description":"a360inc CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string. This is a bypass of the fix reported in CVE-2017-\u003e\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-25669.yaml"}
{"ID":"CVE-2024-25735","Info":{"Name":"WyreStorm Apollo VX20 - Information Disclosure","Severity":"high","Description":"An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext credentials for the SoftAP (access point) Router /device/config using an HTTP GET request.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-25735.yaml"}
@ -2349,6 +2351,7 @@
{"ID":"CVE-2024-29059","Info":{"Name":".NET Framework - Leaking ObjRefs via HTTP .NET Remoting","Severity":"high","Description":".NET Framework Information Disclosure Vulnerability","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-29059.yaml"}
{"ID":"CVE-2024-29269","Info":{"Name":"Telesquare TLR-2005KSH - Remote Command Execution","Severity":"critical","Description":"Telesquare Tlr-2005Ksh is a Sk Telecom Lte router from South Korea's Telesquare company.Telesquare TLR-2005Ksh versions 1.0.0 and 1.1.4 have an unauthorized remote command execution vulnerability. An attacker can exploit this vulnerability to execute system commands without authorization through the Cmd parameter and obtain server permissions.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-29269.yaml"}
{"ID":"CVE-2024-3273","Info":{"Name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","Severity":"high","Description":"UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n","Classification":{"CVSSScore":"7.3"}},"file_path":"http/cves/2024/CVE-2024-3273.yaml"}
{"ID":"CVE-2024-3400","Info":{"Name":"GlobalProtect - OS Command Injection","Severity":"critical","Description":"A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-3400.yaml"}
{"ID":"CVE-2001-1473","Info":{"Name":"Deprecated SSHv1 Protocol Detection","Severity":"high","Description":"SSHv1 is deprecated and has known cryptographic issues.","Classification":{"CVSSScore":"7.5"}},"file_path":"network/cves/2001/CVE-2001-1473.yaml"}
{"ID":"CVE-2011-2523","Info":{"Name":"VSFTPD 2.3.4 - Backdoor Command Execution","Severity":"critical","Description":"VSFTPD v2.3.4 had a serious backdoor vulnerability allowing attackers to execute arbitrary commands on the server with root-level access. The backdoor was triggered by a specific string of characters in a user login request, which allowed attackers to execute any command they wanted.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"network/cves/2011/CVE-2011-2523.yaml"}
{"ID":"CVE-2015-3306","Info":{"Name":"ProFTPd - Remote Code Execution","Severity":"critical","Description":"ProFTPD 1.3.5 contains a remote code execution vulnerability via the mod_copy module which allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.","Classification":{"CVSSScore":"10"}},"file_path":"network/cves/2015/CVE-2015-3306.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
a3b3584ae8741673380eb23c989adbdf
29da5f9ef55e70d230c4528d89e55661