CVSS: 4.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-42770
https://notcve.org/view.php?id=CVE-2024-42770
A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "user_email" parameter. • https://github.com/takekaramey/CVE_Writeup/blob/main/Kashipara/Hotel%20Management%20System%20v1.0/Stored%20XSS%20-%20Sign%20UP.pdf https://www.kashipara.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-5581 – Allegra unzipFile Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5581
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. •
CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-5580 – Allegra loadFieldMatch Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-5580
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-7988 – ThinManager® ThinServerâ„¢ Information Disclosure and Remote Code Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2024-7988
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServerâ„¢ that allows a threat actor to execute arbitrary code with System privileges. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation ThinManager. • https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1692.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-45169
https://notcve.org/view.php?id=CVE-2024-45169
Due to improper input validation, improper deserialization, and improper restriction of operations within the bounds of a memory buffer, IDOL2 is vulnerable to Denial-of-Service (DoS) attacks and possibly remote code execution via the \xB0\x00\x3c byte sequence. • http://download.uci.de/idol2/idol2Client_2_12.exe https://uci.de/download/idol2-client.html https://uci.de/products/index.html https://www.syss.de/en/responsible-disclosure-policy https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-052.txt • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •