CVE-2024-28716
https://notcve.org/view.php?id=CVE-2024-28716
An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. • https://bugs.launchpad.net/solum/+bug/2047505 https://drive.google.com/file/d/11x-6CjWCyap8_W1JpVzun56HQkPNLtWT/view?usp=drive_link https://gist.github.com/Fewword/f098d8d6375ac25e27b18c0e57be532f • CWE-1333: Inefficient Regular Expression Complexity
CVE-2024-33103
https://notcve.org/view.php?id=CVE-2024-33103
An arbitrary file upload vulnerability in the Media Manager component of DokuWiki 2024-02-06a allows attackers to execute arbitrary code by uploading a crafted SVG file. • https://github.com/dokuwiki/dokuwiki/issues/4267 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2024-0840 – Grandstream UCM Series IP PBX HTTP Parameter Injection
https://notcve.org/view.php?id=CVE-2024-0840
A remote and authenticated attacker can execute arbitrary code by sending a crafted HTTP request. • https://vulncheck.com/advisories/grand-stream-param-injection • CWE-141: Improper Neutralization of Parameter/Argument Delimiters
CVE-2024-31823
https://notcve.org/view.php?id=CVE-2024-31823
An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the removeSecondaryImage method of the Publish.php component. • https://gist.github.com/LioTree/4989e0f20b6a885604dd3178fa4b66b5 https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2024-33445
https://notcve.org/view.php?id=CVE-2024-33445
An issue in hisiphp v2.0.111 allows a remote attacker to execute arbitrary code via a crafted script to the SystemPlugins::mkInfo parameter in the SystemPlugins.php component. • https://gist.github.com/LioTree/04a4ece38df53af4027d52b2aeb7aff6 https://github.com/hisiphp/hisiphp/issues/11 • CWE-94: Improper Control of Generation of Code ('Code Injection')