CVE-2024-24551 – Bludit - Remote Code Execution (RCE) through Image API
https://notcve.org/view.php?id=CVE-2024-24551
A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files. Se ha identificado una vulnerabilidad de seguridad en Bludit, que permite a atacantes autenticados ejecutar código arbitrario a través de Image API. Esta vulnerabilidad surge del manejo inadecuado de la carga de archivos, lo que permite a actores malintencionados cargar y ejecutar archivos PHP. • https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-434: Unrestricted Upload of File with Dangerous Type CWE-502: Deserialization of Untrusted Data •
CVE-2024-24550 – Bludit - Remote Code Execution (RCE) through File API
https://notcve.org/view.php?id=CVE-2024-24550
A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. • https://www.redguard.ch/blog/2024/06/20/security-advisory-bludit • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') CWE-434: Unrestricted Upload of File with Dangerous Type CWE-502: Deserialization of Untrusted Data •
CVE-2024-3121 – Remote Code Execution in create_conda_env function in parisneo/lollms
https://notcve.org/view.php?id=CVE-2024-3121
A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitrary commands by manipulating the env_name and python_version parameters. This issue could lead to a serious security breach as demonstrated by the ability to execute the 'whoami' command among potentially other harmful commands. Existe una vulnerabilidad de ejecución remota de código en la función create_conda_env del repositorio parisneo/lollms, versión 5.9.0. La vulnerabilidad surge del uso de shell=True en la función subprocess.Popen, que permite a un atacante inyectar comandos arbitrarios manipulando los parámetros env_name y python_version. • https://github.com/Abo5/CVE-2024-31210 https://huntr.com/bounties/db57c343-9b80-4c1c-9ab0-9eef92c9b27b • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-50029
https://notcve.org/view.php?id=CVE-2023-50029
PHP Injection vulnerability in the module "M4 PDF Extensions" (m4pdf) up to version 3.3.2 from PrestaAddons for PrestaShop allows attackers to run arbitrary code via the M4PDF::saveTemplate() method. Vulnerabilidad de inyección de PHP en el módulo "M4 PDF Extensions" (m4pdf) hasta la versión 3.3.2 de PrestaAddons para PrestaShop permite a los atacantes ejecutar código de su elección a través del método M4PDF::saveTemplate(). • https://security.friendsofpresta.org/modules/2024/06/20/m4pdf.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-39331 – emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
https://notcve.org/view.php?id=CVE-2024-39331
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5. En Emacs anterior a 29.4, org-link-expand-abbrev en lisp/ol.el expande una abreviatura de enlace %(...) incluso cuando especifica una función no segura, como shell-command-to-string. Esto afecta al modo de organización anterior a 9.7.5. A flaw was found in Emacs. • https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29 https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8 https://list.orgmode.org/87sex5gdqc.fsf%40localhost https://lists.debian.org/debian-lts-announce/2024/06/msg00023.html https://lists.debian.org/debian-lts-announce/2024/06/msg00024.html https://lists.gnu.org/archive/html/info-gnu-emacs/2024-06/msg00000.html https://news.ycombinator.com/item?id=40768225 https:/ • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •