NotCVE - "Arbitrary code execution"

Page 3 of 40841 results (0.192 seconds)

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1

CVE-2024-11587 – idcCMS classProvCity.php GetCityOptionJs cross site scripting

https://notcve.org/view.php?id=CVE-2024-11587

A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. • https://vuldb.com/?id.285657 https://vuldb.com/?ctiid.285657 https://vuldb.com/?submit.442071 https://github.com/Hebing123/cve/issues/75 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-11320 – Command Injection leading to RCE via LDAP Misconfiguration

https://notcve.org/view.php?id=CVE-2024-11320

Arbitrary commands execution on the server by exploiting a command injection vulnerability in the LDAP authentication mechanism. • https://pandorafms.com/en/security/common-vulnerabilities-and-exposures • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-11506 – IrfanView DWG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2024-11506

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-11507 – IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2024-11507

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

CVE-2024-11508 – IrfanView DXF File Parsing Type Confusion Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2024-11508

1 2 3 4 5