CVE-2024-30213
https://notcve.org/view.php?id=CVE-2024-30213
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to achieve Command Injection via a Ping URL, leading to remote code execution. • https://stonefly.com/security-advisories/cve-2024-30213 https://www.stonefly.com/services • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-40548
https://notcve.org/view.php?id=CVE-2024-40548
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/save of PublicCMS v4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. • https://gitee.com/sanluan/PublicCMS/issues/IAALCK • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-40550
https://notcve.org/view.php?id=CVE-2024-40550
An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file. • https://gitee.com/sanluan/PublicCMS/issues/IAALWJ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2024-40518
https://notcve.org/view.php?id=CVE-2024-40518
SeaCMS 12.9 has a remote code execution vulnerability. • https://gitee.com/fushuling/cve/blob/master/SeaCMS%2012.9%20admin_weixin.php%20code%20injection.md • CWE-20: Improper Input Validation •
CVE-2024-40552
https://notcve.org/view.php?id=CVE-2024-40552
PublicCMS v4.0.202302.e was discovered to contain a remote commande execution (RCE) vulnerability via the cmdarray parameter at /site/ScriptComponent.java. • https://gitee.com/sanluan/PublicCMS/issues/IAAMMU •