CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0CVE-2024-54790
https://notcve.org/view.php?id=CVE-2024-54790
A SQL Injection vulnerability was found in /index.php in PHPGurukul Pre-School Enrollment System v1.0, which allows remote attackers to execute arbitrary code via the visittime parameter. • https://github.com/Santoshcyber1/CVE-wirteup/blob/main/Phpgurukul/Pre-School%20Enrollment/SQL%20Injection%20pr-school%20i.pdf • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2024-55081
https://notcve.org/view.php?id=CVE-2024-55081
An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input. • https://gist.github.com/summerxxoo/18b3ccc91aacd606aa4d48a02029e9e7 https://github.com/summerxxoo/VulnPoc/blob/main/chat2DB_XXE.md •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-11364 – Rockwell Automation Third Party Vulnerability in Arena®
https://notcve.org/view.php?id=CVE-2024-11364
If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1713.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12700 – Tibbo AggreGate Network Manager Unrestricted Upload of File with Dangerous Type
https://notcve.org/view.php?id=CVE-2024-12700
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tibbo Aggregate Network Manager. • https://aggregate.digital/downloads.html https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-05 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2024-12829 – Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-12829
Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. • https://www.zerodayinitiative.com/advisories/ZDI-24-1717 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •