CVE-2024-34352 – Arbitrary file write vulnerability in 1Panel
https://notcve.org/view.php?id=CVE-2024-34352
1Panel is an open source Linux server operation and maintenance management panel. Prior to v1.10.3-lts, there are many command injections in the project, and some of them are not well filtered, leading to arbitrary file writes, and ultimately leading to RCEs. The mirror configuration write symbol `>` can be used to achieve arbitrary file writing. This vulnerability is fixed in v1.10.3-lts. 1Panel es un panel de gestión de operación y mantenimiento de servidores Linux de código abierto. Antes de v1.10.3-lts, había muchas inyecciones de comandos en el proyecto y algunas de ellas no estaban bien filtradas, lo que provocaba escrituras de archivos arbitrarias y, en última instancia, RCE. • https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-f8ch-w75v-c847 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-30257 – 1Panel's password verification is suspected to have a timing attack vulnerability
https://notcve.org/view.php?id=CVE-2024-30257
1Panel is an open source Linux server operation and maintenance management panel. The password verification in the source code uses the != symbol instead hmac.Equal. This may lead to a timing attack vulnerability. This vulnerability is fixed in 1.10.3-lts. 1Panel es un panel de gestión de operación y mantenimiento de servidores Linux de código abierto. • https://github.com/1Panel-dev/1Panel/blob/dev/backend/app/service/auth.go#L81C5-L81C26 https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-6m9h-2pr2-9j8f • CWE-203: Observable Discrepancy •
CVE-2024-31077 – Forminator <= 1.29.2 - Authenticated (Admin+) SQL Injection
https://notcve.org/view.php?id=CVE-2024-31077
Forminator prior to 1.29.3 contains a SQL injection vulnerability. If this vulnerability is exploited, a remote authenticated attacker with an administrative privilege may obtain and alter any information in the database and cause a denial-of-service (DoS) condition. Forminator anterior a 1.29.3 contiene una vulnerabilidad de inyección SQL. Si se explota esta vulnerabilidad, un atacante remoto autenticado con privilegios administrativos puede obtener y alterar cualquier información en la base de datos y provocar una condición de denegación de servicio (DoS). The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to SQL Injection via the 'order_by' parameter in all versions up to, and including, 1.29.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. • https://jvn.jp/en/jp/JVN50132400 https://wordpress.org/plugins/forminator https://wpmudev.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-31857 – Forminator <= 1.15.2 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-31857
Forminator prior to 1.15.4 contains a cross-site scripting vulnerability. If this vulnerability is exploited, a remote attacker may obtain user information etc. and alter the page contents on the user's web browser. Forminator anterior a 1.15.4 contiene una vulnerabilidad de Cross Site Scripting. Si se explota esta vulnerabilidad, un atacante remoto puede obtener información del usuario, etc. y alterar el contenido de la página en el navegador web del usuario. The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in all versions up to, and including, 1.15.2 due to insufficient input sanitization and output escaping. • https://jvn.jp/en/jp/JVN50132400 https://wordpress.org/plugins/forminator https://wpmudev.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-28890 – Forminator <= 1.28.1 - Unauthenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2024-28890
Forminator prior to 1.29.0 contains an unrestricted upload of file with dangerous type vulnerability. If this vulnerability is exploited, a remote attacker may obtain sensitive information by accessing files on the server, alter the site that uses the plugin, and cause a denial-of-service (DoS) condition. Forminator anterior a 1.29.0 contiene una carga sin restricciones de archivos con una vulnerabilidad de tipo peligroso. Si se explota esta vulnerabilidad, un atacante remoto puede obtener información confidencial accediendo a archivos en el servidor, alterar el sitio que utiliza el complemento y provocar una condición de denegación de servicio (DoS). The Forminator – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.28.1. • https://jvn.jp/en/jp/JVN50132400 https://wordpress.org/plugins/forminator https://wpmudev.com • CWE-434: Unrestricted Upload of File with Dangerous Type •