CVE-2024-8923 – Sandbox Escape in Now Platform
https://notcve.org/view.php?id=CVE-2024-8923
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes. • https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1706070 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-9886 – WP Baidu Map <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
https://notcve.org/view.php?id=CVE-2024-9886
The WP Baidu Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'baidu_map' shortcode in all versions up to, and including, 1.2.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento WP Baidu Map para WordPress es vulnerable a Cross Site Scripting almacenado a través del código abreviado 'baidu_map' del complemento en todas las versiones hasta la 1.2.2 incluida, debido a una desinfección de entrada y un escape de salida insuficiente en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados, con acceso de nivel de colaborador y superior, inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/browser/wp-baidu-map/trunk/wp-baidu-map.php https://wordpress.org/plugins/wp-baidu-map https://www.wordfence.com/threat-intel/vulnerabilities/id/ccd917ae-3fa2-47b5-ace7-1462647e2352? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-9846 – Enable Shortcodes inside Widgets,Comments and Experts <= 1.0.0 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-9846
The The Enable Shortcodes inside Widgets,Comments and Experts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. El complemento Enable Shortcodes inside Widgets,Comments and Experts para WordPress es vulnerable a la ejecución arbitraria de códigos cortos en todas las versiones hasta la 1.0.0 incluida. Esto se debe a que el software permite a los usuarios ejecutar una acción que no valida correctamente un valor antes de ejecutar do_shortcode. • https://plugins.trac.wordpress.org/browser/enable-shortcodes-inside-widgetscomments-and-experts/trunk/enable-shortcodes-inside-widgets-comments-experts.php#L19 https://wordpress.org/plugins/enable-shortcodes-inside-widgetscomments-and-experts/#developers https://www.wordfence.com/threat-intel/vulnerabilities/id/f1ac2544-f96b-4859-96de-795753a94264?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-48955
https://notcve.org/view.php?id=CVE-2024-48955
In NetAdmin 4.0.30319, an attacker can steal a valid session cookie and inject it into another device, granting unauthorized access. This type of attack is commonly referred to as session hijacking. En NetAdmin 4.0.30319, un atacante puede robar una cookie de sesión válida e inyectarla en otro dispositivo, lo que le otorga acceso no autorizado. Este tipo de ataque se conoce comúnmente como secuestro de sesión. Broken access control in NetAdmin 4.030319 returns data with functionalities on the endpoint that "assembles" the functionalities menus, the return of this call is not encrypted and as the system does not validate the session authorization, an attacker can copy the content of the browser of a user with greater privileges having access to the functionalities of the user that the code was copied. • https://github.com/BrotherOfJhonny/CVE-2024-48955_Overview https://netadmin.software/gestao-de-identidade-e-acesso https://vulmon.com/vulnerabilitydetails? • CWE-384: Session Fixation •
CVE-2024-48138
https://notcve.org/view.php?id=CVE-2024-48138
A remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template. Una vulnerabilidad de ejecución remota de código (RCE) en el componente /PluXml/core/admin/parametres_edittpl.php de PluXml v5.8.16 y anteriores permite a los atacantes ejecutar código arbitrario mediante la inyección de un payload manipulado en una plantilla. • https://github.com/pluxml/PluXml/issues/829 • CWE-94: Improper Control of Generation of Code ('Code Injection') •