daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

patch-12
ghost 2024-10-28 04:43:27 +00:00
parent e29eddd0bc
commit e75ff40d68
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@ -2650,6 +2650,7 @@
{"ID":"CVE-2024-48914","Info":{"Name":"Vendure - Arbitrary File Read","Severity":"critical","Description":"Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data such as configuration files, environment variables, and other critical data stored on the server. In the same code path is an additional vector for crashing the server via a malformed URI.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2024/CVE-2024-48914.yaml"}
{"ID":"CVE-2024-4940","Info":{"Name":"Gradio - Open Redirect","Severity":"medium","Description":"An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Side Request Forgery (SSRF), amongst others. This issue is due to improper validation of user-supplied input in the handling of URLs. Attackers can exploit this vulnerability by crafting a malicious URL that, when processed by the application, redirects the user to an attacker-controlled web page.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2024/CVE-2024-4940.yaml"}
{"ID":"CVE-2024-4956","Info":{"Name":"Sonatype Nexus Repository Manager 3 - Local File Inclusion","Severity":"high","Description":"Path Traversal in Sonatype Nexus Repository 3 allows an unauthenticated attacker to read system files. Fixed in version 3.68.1.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-4956.yaml"}
{"ID":"CVE-2024-49757","Info":{"Name":"Zitadel - User Registration Bypass","Severity":"high","Description":"The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the \"User Registration allowed\" option only hid the registration button on the login page. Users could bypass this restriction by directly accessing the registration URL (/ui/login/loginname) and register a user that way. Versions 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7 contain a patch. No known workarounds are available.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-49757.yaml"}
{"ID":"CVE-2024-5084","Info":{"Name":"Hash Form \u003c= 1.1.0 - Arbitrary File Upload","Severity":"critical","Description":"The Hash Form Drag \u0026 Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'file_upload_action' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-5084.yaml"}
{"ID":"CVE-2024-5217","Info":{"Name":"ServiceNow - Incomplete Input Validation","Severity":"critical","Description":"ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-5217.yaml"}
{"ID":"CVE-2024-5230","Info":{"Name":"FleetCart 4.1.1 - Information Disclosure","Severity":"medium","Description":"Issues with information disclosure in redirect responses. Accessing the majority of the website's pages exposes sensitive data, including the \"Razorpay\" \"razorpayKeyId\".\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-5230.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
d3f1e008f0e27b83736f6ba5a04abe2d
13888324a39d31ce90973d926d640532