CVE-2024-40710
https://notcve.org/view.php?id=CVE-2024-40710
A series of related high-severity vulnerabilities, the most notable enabling remote code execution (RCE) as the service account and extraction of sensitive information (savedcredentials and passwords). • https://www.veeam.com/kb4649 • CWE-522: Insufficiently Protected Credentials •
CVE-2024-8517 – SPIP Bigup Multipart File Upload OS Command Injection
https://notcve.org/view.php?id=CVE-2024-8517
A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. • https://github.com/Chocapikk/CVE-2024-8517 https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_2_a_big_upload https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-2-SPIP-4-2-16-SPIP-4-1-18.html https://vulncheck.com/advisories/spip-upload-rce https://vozec.fr/researchs/spip-preauth-rce-2024-big-upload • CWE-646: Reliance on File Name or Extension of Externally-Supplied File •
CVE-2024-45758
https://notcve.org/view.php?id=CVE-2024-45758
H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors. • https://spear-shield.notion.site/Unauthenticated-Remote-Code-Execution-via-Unrestricted-JDBC-Connection-87a958a4874044199cbb86422d1f6068 https://gist.github.com/AfterSnows/c24ca3c26dc89ab797e610e92a6a9acb • CWE-502: Deserialization of Untrusted Data •
CVE-2024-7620 – Customizer Export/Import <= 0.9.7 - Authenticated (Admin+) Arbitrary File Upload via Customization Settings Import
https://notcve.org/view.php?id=CVE-2024-7620
The Customizer Export/Import plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the '_import' function in all versions up to, and including, 0.9.7. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/changeset/3144365/customizer-export-import https://www.wordfence.com/threat-intel/vulnerabilities/id/7600e7df-725d-4877-b0bf-5329f814723f?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-8463 – File upload restriction bypass vulnerability in Job Portal
https://notcve.org/view.php?id=CVE-2024-8463
File upload restriction bypass vulnerability in PHPGurukul Job Portal 1.0, the exploitation of which could allow an authenticated user to execute an RCE via webshell. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-job-portal • CWE-434: Unrestricted Upload of File with Dangerous Type •