CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-47219
https://notcve.org/view.php?id=CVE-2024-47219
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows shell command injection. • https://github.com/vesoft-inc/nebula/pull/5936 https://github.com/vesoft-inc/nebula/pull/5936/commits/cd6c5976ccfe817b2e0a2d46227cd361bfefb45c • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-46640
https://notcve.org/view.php?id=CVE-2024-46640
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote code execution by writing to the file through the MySQL slow query method. • https://gitee.com/zheng_botong/CVE-2024-46640 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-46103
https://notcve.org/view.php?id=CVE-2024-46103
SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php. • https://github.com/N0zoM1z0/MY-CVE/blob/main/CVE-2024-46103.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2024-9006 – jeanmarc77 123solar config_invt1.php code injection
https://notcve.org/view.php?id=CVE-2024-9006
The manipulation of the argument PASSOx leads to code injection. ... Mittels dem Manipulieren des Arguments PASSOx mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. • https://github.com/jeanmarc77/123solar/commit/f4a8c748ec436e5a79f91ccb6a6f73752b336aa5 https://github.com/jeanmarc77/123solar/issues/74 https://github.com/jeanmarc77/123solar/issues/74#issuecomment-2357653441 https://vuldb.com/?ctiid.278162 https://vuldb.com/?id.278162 https://vuldb.com/?submit.408298 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-40125
https://notcve.org/view.php?id=CVE-2024-40125
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the upload endpoint. • https://github.com/brendontkl/My-CVEs/tree/main/CVE-2024-40125 https://www.closed-loop.biz • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-434: Unrestricted Upload of File with Dangerous Type •