CVSS: 10.0EPSS: 63%CPEs: 1EXPL: 4CVE-2024-5932 – GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-5932
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'give_title' parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to execute code remotely, and to delete arbitrary files. The GiveWP Donation plugin and Fundraising Platform plugin for WordPress in all versions up to and including 3.14.1 is vulnerable to a PHP object injection (POI) flaw granting an unauthenticated attacker arbitrary code execution. • tab=readme-ov-file https://github.com/0xb0mb3r/CVE-2024-5932-PoC https://github.com/EQSTLab/CVE-2024-5932 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/login-register.php#L235 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/process-donation.php#L420 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/src/DonorDashboards/Tabs/EditProfileTab/AvatarRoute.php#L51 https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/tecn • CWE-502: Deserialization of Untrusted Data •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-42815
https://notcve.org/view.php?id=CVE-2024-42815
In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. • https://gist.github.com/XiaoCurry/14d46e0becd79d9bb9907f2fbe147cfe https://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2022-1206 – AdRotate – Ad manager & AdSense Ads <= 5.13.2 - Authenticated (Admin+) Double Extension Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2022-1206
This makes it possible for authenticated attackers, with administrator-level access and above, to upload arbitrary files with double extensions on the affected site's server which may make remote code execution possible. • https://plugins.trac.wordpress.org/browser/adrotate/trunk/adrotate-admin-manage.php#L418 https://www.wordfence.com/threat-intel/vulnerabilities/id/9f92219a-e07e-422d-a9f2-dbe4fbcd5f55?source=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 1CVE-2024-7910 – CodeAstro Online Railway Reservation System Profile Photo Update emp-profile-avatar.php unrestricted upload
https://notcve.org/view.php?id=CVE-2024-7910
A vulnerability was found in CodeAstro Online Railway Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/emp-profile-avatar.php of the component Profile Photo Update Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. • submit.391650 https://github.com/CYB84/CVE_Writeup/blob/main/Online%20Railway%20Reservation%20System/RCE%20via%20File%20Upload.md • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 4.7EPSS: 0%CPEs: -EXPL: 0CVE-2024-43005
https://notcve.org/view.php?id=CVE-2024-43005
A reflected cross-site scripting (XSS) vulnerability in the component dl_liuyan_save.php of ZZCMS v2023 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. • http://zzcms.net https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-43005%20ZZCMS2023%E5%8F%8D%E5%B0%84%E5%9E%8BXSS2.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •