CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43955 – WordPress Droip plugin <= 1.1.1 - Unauthenticated Arbitrary File Download/Deletion vulnerability
https://notcve.org/view.php?id=CVE-2024-43955
The Droip plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in a function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). • https://patchstack.com/database/vulnerability/droip/wordpress-droip-plugin-1-1-1-unauthenticated-arbitrary-file-download-deletion-vulnerability? • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-42788
https://notcve.org/view.php?id=CVE-2024-42788
This vulnerability allows remote attackers to execute arbitrary code via "title" & "artist" parameter fields. • https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Music%20Management%20System%20v1.0/Stored%20XSS%20-%20Add%20New%20Music%20List.pdf https://www.kashipara.com/project/php/12978/music-management-system-in-php-php-project-source-code • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-42787
https://notcve.org/view.php?id=CVE-2024-42787
This vulnerability allows remote attackers to execute arbitrary code via "title" & "description" parameter fields. • https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Music%20Management%20System%20v1.0/Stored%20XSS%20-%20Add%20Playlist.pdf https://www.kashipara.com/project/php/12978/music-management-system-in-php-php-project-source-code • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0CVE-2024-45187 – Mage AI allows deleted users to use the terminal server with admin access, leading to remote code execution
https://notcve.org/view.php?id=CVE-2024-45187
Guest users in the Mage AI framework that remain logged in after their accounts are deleted, are mistakenly given high privileges and specifically given access to remotely execute arbitrary code through the Mage AI terminal server • https://research.jfrog.com/vulnerabilities/mage-ai-deleted-users-rce-jfsa-2024-001039602 • CWE-266: Incorrect Privilege Assignment •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 5CVE-2024-7954 – SPIP porte_plume Plugin Arbitrary PHP Execution
https://notcve.org/view.php?id=CVE-2024-7954
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request. • https://github.com/Chocapikk/CVE-2024-7954 https://github.com/bigb0x/CVE-2024-7954 https://github.com/fa-rrel/CVE-2024-7954-RCE https://github.com/MuhammadWaseem29/RCE-CVE-2024-7954 https://vulncheck.com/advisories/spip-porte-plume https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-3-0-alpha2-SPIP-4-2-13-SPIP-4.html https://thinkloveshare.com/hacking/spip_preauth_rce_2024_part_1_the_feather • CWE-284: Improper Access Control •