CVSS: 5.2EPSS: 0%CPEs: 4EXPL: 0CVE-2024-28829 – Privilege escalation in mk_informix plugin
https://notcve.org/view.php?id=CVE-2024-28829
Least privilege violation and reliance on untrusted inputs in the mk_informix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 (EOL) allows local users to escalate privileges. • https://checkmk.com/werk/16249 • CWE-272: Least Privilege Violation CWE-807: Reliance on Untrusted Inputs in a Security Decision •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-42585
https://notcve.org/view.php?id=CVE-2024-42585
A Cross-Site Request Forgery (CSRF) in the component delete_media.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/33de7a4bd7a4517a26fa4e4911b7fb1d • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-42580
https://notcve.org/view.php?id=CVE-2024-42580
A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/8a05309486637d8c6ce8c6624ec1e897 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-42576
https://notcve.org/view.php?id=CVE-2024-42576
A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/50a1d8ad7effd9ccd089952602c831d3 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-42584
https://notcve.org/view.php?id=CVE-2024-42584
A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. • https://gist.github.com/topsky979/6037eaac5749430c29cf15fdd9df0ba5 •