CVE-2024-5407 – Code Injection vulnerability in RhinOS from SaltOS
https://notcve.org/view.php?id=CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. • https://github.com/josepsanzcamp/RhinOS https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-rhinos-saltos • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-35339
https://notcve.org/view.php?id=CVE-2024-35339
Tenda FH1206 V1.2.0.8(8155) was discovered to contain a command injection vulnerability via the mac parameter at ip/goform/WriteFacMac. Se descubrió que Tenda FH1206 V1.2.0.8(8155) contiene una vulnerabilidad de inyección de comandos a través del parámetro mac en ip/goform/WriteFacMac. • https://palm-vertebra-fe9.notion.site/formWriteFacMac_RCE-d70cf636739e4a769b1f919ffed4a2a0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-36361
https://notcve.org/view.php?id=CVE-2024-36361
Pug through 3.0.2 allows JavaScript code execution if an application accepts untrusted input for the name option of the compileClient, compileFileClient, or compileClientWithDependenciesTracked function. NOTE: these functions are for compiling Pug templates into JavaScript, and there would typically be no reason to allow untrusted callers. Pug hasta 3.0.2 permite la ejecución de código JavaScript si una aplicación acepta entradas que no son de confianza para la opción de nombre de la función compileClient, compileFileClient o compileClientWithDependenciesTracked. NOTA: estas funciones son para compilar plantillas de Pug en JavaScript y normalmente no habría motivo para permitir llamadas que no sean de confianza. • https://github.com/pugjs/pug/pull/3428 https://pugjs.org/api/reference.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-4037 – WP Photo Album Plus <= 8.7.02.003 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-4037
The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.7.02.003. This is due to the plugin allowing unauthenticated users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. El complemento WP Photo Album Plus para WordPress es vulnerable a la ejecución arbitraria de códigos cortos en todas las versiones hasta la 8.7.02.003 incluida. Esto se debe a que el complemento permite a usuarios no autenticados ejecutar una acción que no valida correctamente un valor antes de ejecutar do_shortcode. • https://plugins.trac.wordpress.org/browser/wp-photo-album-plus/trunk/wppa-ajax.php#L1138 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3078746%40wp-photo-album-plus&new=3078746%40wp-photo-album-plus&sfp_email=&sfph_mail=#file3 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3079831%40wp-photo-album-plus&new=3079831%40wp-photo-album-plus&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/3d6b95ee • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-0867 – Email Log <= 2.4.8 - Unauthenticated Hook Injection
https://notcve.org/view.php?id=CVE-2024-0867
The Email Log plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 2.4.8 via the check_nonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the attacker wishes to execute needs to have a nonce check, and the nonce needs to be known to the attacker. Furthermore, the absence of a capability check is a requirement. El complemento Email Log para WordPress es vulnerable a la inyección de gancho no autenticado en todas las versiones hasta la 2.4.8 incluida a través de la función check_nonce. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3027872%40email-log&new=3027872%40email-log&sfp_email=&sfph_mail= https://wordpress.org/plugins/email-log https://www.wordfence.com/threat-intel/vulnerabilities/id/fd15268f-7e06-4e0d-baaf-f27348af61ce?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •