CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-28829 – Privilege escalation in mk_informix plugin
https://notcve.org/view.php?id=CVE-2024-28829
20 Aug 2024 — Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges. • https://checkmk.com/werk/16249 • CWE-272: Least Privilege Violation CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42553
https://notcve.org/view.php?id=CVE-2024-42553
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component admin_room_added.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges. • https://gist.github.com/topsky979/4b22a22c73b16c7c22c06d4b3f033fdc • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42555
https://notcve.org/view.php?id=CVE-2024-42555
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component admin_room_removed.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges. • https://gist.github.com/topsky979/afd445b90e13a27a6422cea2f5ff0f64 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42557
https://notcve.org/view.php?id=CVE-2024-42557
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component admin_modify_room.php of Hotel Management System commit 91caab8 allows attackers to escalate privileges. • https://gist.github.com/topsky979/0785597ae7abc8f10cd5c5537f5467b5 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42576
https://notcve.org/view.php?id=CVE-2024-42576
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/50a1d8ad7effd9ccd089952602c831d3 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42577
https://notcve.org/view.php?id=CVE-2024-42577
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/20ad7b251f2905db38e7a6566b1d46cc • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42578
https://notcve.org/view.php?id=CVE-2024-42578
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component edit_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/5eacc7e418e3b73b7ad1fa05d1a72aeb • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42579
https://notcve.org/view.php?id=CVE-2024-42579
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/ed59fb8b35a220dfa064a3a3cb1ecb1b • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42580
https://notcve.org/view.php?id=CVE-2024-42580
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/8a05309486637d8c6ce8c6624ec1e897 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-42581
https://notcve.org/view.php?id=CVE-2024-42581
20 Aug 2024 — A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/2bd26343ccdff7c759f62d332c8caff6 • CWE-352: Cross-Site Request Forgery (CSRF) •