CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4141 – WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) PHP File Creation to Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-4141
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus2' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin settings, to create a PHP file and execute code on the server. The author resolved this vulnerability by removing the ability for authors and editors to import files, please note that this means php file creation is still allowed for site administrators, use the plugin with caution. El plugin WP Ultimate CSV Importer para WordPress es vulnerable a la ejecución remota de código en versiones hasta, e incluyendo, la v7.9.8 a través del parámetro "->cus2". Esto permite a atacantes autenticados con permisos de nivel autor o superior, si el administrador concede previamente el acceso en la configuración del plugin, crear un archivo PHP y ejecutar código en el servidor. • https://plugins.trac.wordpress.org/browser/wp-ultimate-csv-importer/tags/7.9.6/importExtensions/ImportHelpers.php#L205 https://plugins.trac.wordpress.org/changeset/2944635/wp-ultimate-csv-importer/trunk/wp-ultimate-csv-importer.php https://www.wordfence.com/threat-intel/vulnerabilities/id/b4fe8b1f-da1c-4f94-9ab4-272766b488c3?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4142 – WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-4142
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '->cus1' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin settings, to execute code on the server. The author resolved this vulnerability by removing the ability for authors and editors to import files, please note that this means remote code execution is still possible for site administrators, use the plugin with caution. El plugin WP Ultimate CSV Importer para WordPress es vulnerable a la ejecución remota de código en versiones hasta, e incluyendo, la v7.9.8 a través del parámetro "->cus1". Esto permite a atacantes autenticados con permisos de nivel de autor o superior, si el administrador concede previamente el acceso en la configuración del plugin, ejecutar código en el servidor. • https://plugins.trac.wordpress.org/browser/wp-ultimate-csv-importer/tags/7.9.6/importExtensions/ImportHelpers.php#L205 https://plugins.trac.wordpress.org/changeset/2944635/wp-ultimate-csv-importer/trunk/wp-ultimate-csv-importer.php https://www.wordfence.com/threat-intel/vulnerabilities/id/db1bad2e-55df-40c5-9a3f-651858a19b42?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1CVE-2023-3401 – Improper Control of Generation of Code ('Code Injection') in GitLab
https://notcve.org/view.php?id=CVE-2023-3401
An issue has been discovered in GitLab affecting all versions before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. The main branch of a repository with a specially designed name allows an attacker to create repositories with malicious code. • https://gitlab.com/gitlab-org/gitlab/-/issues/416252 https://hackerone.com/reports/2031845 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-36255 – Eramba 3.19.1 Remote Command Execution
https://notcve.org/view.php?id=CVE-2023-36255
An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL. Eramba version 3.19.1 suffers from a remote command execution vulnerability. • http://eramba.com https://trovent.github.io/security-advisories/TRSA-2303-01/TRSA-2303-01.txt https://trovent.io/security-advisory-2303-01 https://www.eramba.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 92%CPEs: 1EXPL: 3CVE-2023-34634 – GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2023-34634
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened. • https://www.exploit-db.com/exploits/51633 https://github.com/radman404/CVE-2023-34634 http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html http://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.html https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c https://greenshot.atlassian.net/browse/BUG-3061 - •