CVE-2024-36574
https://notcve.org/view.php?id=CVE-2024-36574
A Prototype Pollution issue in flatten-json 1.0.1 allows an attacker to execute arbitrary code via module.exports.unflattenJSON (flatten-json/index.js:42) Un problema de contaminación de prototipos en flatten-json 1.0.1 permite a un atacante ejecutar código arbitrario a través de module.exports.unflattenJSON (flatten-json/index.js:42) • https://gist.github.com/mestrtee/d5a0c93459599f77557b5bbe78b57325 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2024-37848
https://notcve.org/view.php?id=CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component. • https://github.com/Lanxiy7th/lx_CVE_report-/issues/13 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-36581
https://notcve.org/view.php?id=CVE-2024-36581
A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm. • https://gist.github.com/mestrtee/f6b2ed1b3b4bc0df994c7455fc6110bd • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-36583
https://notcve.org/view.php?id=CVE-2024-36583
A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an attacker to execute arbitrary code via @byondreal/accessor/index. • https://gist.github.com/mestrtee/97bc2fbfbcbde3a54d5536c9adeee34c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2024-36575
https://notcve.org/view.php?id=CVE-2024-36575
A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor. • https://gist.github.com/mestrtee/0d830798f20839d634278d7af0155f9e • CWE-94: Improper Control of Generation of Code ('Code Injection') •