CVE-2024-52725
https://notcve.org/view.php?id=CVE-2024-52725
This allows an attacker to execute arbitrary code via the ldgid parameter in the SEMCMS_SeoAndTag.php component. • http://semcms.com https://github.com/Megrez0423/Seecms •
CVE-2024-52739
https://notcve.org/view.php?id=CVE-2024-52739
D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution (RCE) vulnerabilities in the msp_info_htm function via the flag and cmd parameters. • https://github.com/faqiadegege/IoTVuln/blob/main/DI_8400_msp_info_htm_rce/detail.md https://www.dlink.com/en/security-bulletin • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-52765
https://notcve.org/view.php?id=CVE-2024-52765
H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter. • http://tjr181.com/2024/11/08/H3C%20GR-1800AX •
CVE-2024-52769
https://notcve.org/view.php?id=CVE-2024-52769
An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 •
CVE-2024-52770
https://notcve.org/view.php?id=CVE-2024-52770
An arbitrary file upload vulnerability in the component /admin/file_manage_control of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •