CVE-2024-37848
https://notcve.org/view.php?id=CVE-2024-37848
SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php component. • https://github.com/Lanxiy7th/lx_CVE_report-/issues/13 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-36581
https://notcve.org/view.php?id=CVE-2024-36581
A Prototype Pollution issue in abw badger-database 1.2.1 allows an attacker to execute arbitrary code via dist/badger-database.esm. • https://gist.github.com/mestrtee/f6b2ed1b3b4bc0df994c7455fc6110bd • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-36583
https://notcve.org/view.php?id=CVE-2024-36583
A Prototype Pollution issue in byondreal accessor <= 1.0.0 allows an attacker to execute arbitrary code via @byondreal/accessor/index. • https://gist.github.com/mestrtee/97bc2fbfbcbde3a54d5536c9adeee34c • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVE-2024-36575
https://notcve.org/view.php?id=CVE-2024-36575
A Prototype Pollution issue in getsetprop 1.1.0 allows an attacker to execute arbitrary code via global.accessor. • https://gist.github.com/mestrtee/0d830798f20839d634278d7af0155f9e • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-37057
https://notcve.org/view.php?id=CVE-2023-37057
Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism. • http://jlink.com http://www.unionman.com.cn/en/contact.html https://github.com/ri5c/Jlink-Router-RCE https://jlink-global.com • CWE-288: Authentication Bypass Using an Alternate Path or Channel •