CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-7243 – Panda Security Dome Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7243
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 7.8EPSS: %CPEs: -EXPL: 0CVE-2024-7239 – VIPRE Advanced Security Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7239
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 7.3EPSS: %CPEs: -EXPL: 0CVE-2024-7240 – F-Secure Total Link Following Local Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2024-7240
An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2024-6451 – AI Engine < 2.5.1 - Admin+ RCE
https://notcve.org/view.php?id=CVE-2024-6451
AI Engine < 2.4.3 is susceptible to remote-code-execution (RCE) via Log Poisoning. ... The AI Engine plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the /wp-json/mwai/v1/settings/update REST API endpoint. • https://wpscan.com/vulnerability/fc06d413-a227-470c-a5b7-cdab57aeab34 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 4.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-40576
https://notcve.org/view.php?id=CVE-2024-40576
Cross Site Scripting vulnerability in Best House Rental Management System 1.0 allows a remote attacker to execute arbitrary code via the "House No" and "Description" parameters in the houses page at the index.php component. • https://github.com/jubilianite/CVEs/blob/main/CVE-2024-40576.md https://www.sourcecodester.com/php/17375/best-courier-management-system-project-php.html https://github.com/jubilianite/CVEs/security/advisories/GHSA-674x-j9wj-qvpp • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •