CVE-2024-43775 – Huachu Easytest Online Learning Test Platform - SQL Injection
https://notcve.org/view.php?id=CVE-2024-43775
02 Sep 2024 — SQL Injection in the search course titles function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the search parameter. • https://zuso.ai/advisory/za-2024-08 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-43774 – Huachu Easytest Online Learning Test Platform - SQL Injection
https://notcve.org/view.php?id=CVE-2024-43774
02 Sep 2024 — SQL Injection in the download personal learning course function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the uid parameter. • https://zuso.ai/advisory/za-2024-07 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-43773 – Huachu Easytest Online Learning Test Platform - SQL Injection
https://notcve.org/view.php?id=CVE-2024-43773
02 Sep 2024 — SQL Injection in the download class learning course function of Easytest Online Test Platform ver.24E01 and earlier allows remote attackers to execute arbitrary SQL commands via the cstr parameter. • https://zuso.ai/advisory/za-2024-06 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-43772 – Huachu Easytest Online Learning Test Platform - SQL Injection
https://notcve.org/view.php?id=CVE-2024-43772
02 Sep 2024 — SQL Injection in the download student learning course function of Easytest Online Test Platform ver.24E01 and earlier allows remote attackers to execute arbitrary SQL commands via the uid parameter. • https://zuso.ai/advisory/za-2024-05 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-7871 – Huachu Easytest Online Learning Test Platform - SQL Injection
https://notcve.org/view.php?id=CVE-2024-7871
02 Sep 2024 — SQL Injection in the online dictionary function of Easytest Online Test Platform ver.24E01 and earlier allows remote authenticated users to execute arbitrary SQL commands via the word parameter. • https://zuso.ai/advisory/za-2024-04 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2024-45623
https://notcve.org/view.php?id=CVE-2024-45623
02 Sep 2024 — D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the ATP binary that handles PHP HTTP GET requests for the Apache HTTP Server (httpd). • https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10406 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2021-42013 – Apache 2.4.49/2.4.50 Traversal Remote Code Execution Scanner
https://notcve.org/view.php?id=CVE-2021-42013)
https://packetstorm.news/files/id/181114
CVE-2024-45508 – Ubuntu Security Notice USN-7225-1
https://notcve.org/view.php?id=CVE-2024-45508
01 Sep 2024 — An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. • https://github.com/michaelrsweet/htmldoc/blob/2d5b2ab9ddbf2aee2209010cebc11efdd1cab6e2/CHANGES.md • CWE-787: Out-of-bounds Write
CVE-2024-44946 – kcm: Serialise kcm_sendmsg() for the same socket.
https://notcve.org/view.php?id=CVE-2024-44946
31 Aug 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://github.com/Abdurahmon3236/CVE-2024-44946
CVE-2024-44944 – netfilter: ctnetlink: use helper function to calculate expect ID
https://notcve.org/view.php?id=CVE-2024-44944
30 Aug 2024 — An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code. • https://git.kernel.org/stable/c/7b115755fb9d3aff0ddcd18a5c4d83381362acce