CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49219 – WordPress RS-Members plugin <= 1.0.3 - Privilege Escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-49219
This makes it possible for authenticated attackers, with subscriber-level access and above, to escalate their privileges to that of an administrator. • https://patchstack.com/database/vulnerability/rs-members/wordpress-rs-members-plugin-1-0-3-privilege-escalation-vulnerability?_s_id=cve • CWE-266: Incorrect Privilege Assignment •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-48823
https://notcve.org/view.php?id=CVE-2024-48823
Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page. • https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-48821
https://notcve.org/view.php?id=CVE-2024-48821
Cross Site Scripting vulnerability in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php component. • https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-48822
https://notcve.org/view.php?id=CVE-2024-48822
Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page. • https://daly.wtf/multiple-vulnerabilities-discovered-in-automatic-systems-software •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45316 – SonicWALL Connect Tunnel Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-45316
The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack. This vulnerability allows local attackers to escalate privileges on affected installations of SonicWALL Connect Tunnel. ... An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. • https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0017 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •