CVSS: 6.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-8880 – playSMS Template index.php code injection
https://notcve.org/view.php?id=CVE-2024-8880
The manipulation of the argument username/email/captcha leads to code injection. ... Mittels dem Manipulieren des Arguments username/email/captcha mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. • https://vuldb.com/?ctiid.277524 https://vuldb.com/?id.277524 https://vuldb.com/?submit.406095 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.3EPSS: 0%CPEs: -EXPL: 1CVE-2024-44623
https://notcve.org/view.php?id=CVE-2024-44623
An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function. • https://github.com/merbinr/CVE-2024-44623 https://github.com/TuomoKu/SPX-GC https://github.com/TuomoKu/SPX-GC/blob/v.1.3.0/routes/routes-api.js#L39 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2024-8864 – composiohq composio calculator.py Calculator code injection
https://notcve.org/view.php?id=CVE-2024-8864
The manipulation leads to code injection. ... Durch Manipulation mit unbekannten Daten kann eine code injection-Schwachstelle ausgenutzt werden. • https://rumbling-slice-eb0.notion.site/Composio-s-Local-tools-Mathematical-has-a-code-injection-risk-in-composiohq-composio-ea0e89ee10fe4edfb9a8cfeed158c765? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-8271 – FOX – Currency Switcher Professional for WooCommerce <= 1.4.2.1 - Unauthenticated Arbitrary Shortcode Execution
https://notcve.org/view.php?id=CVE-2024-8271
The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.1. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode in the 'woocs_get_custom_price_html' function. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes. • https://plugins.trac.wordpress.org/browser/woocommerce-currency-switcher/tags/1.4.2.1/classes/woocs.php#L4604 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3150596%40woocommerce-currency-switcher&new=3150596%40woocommerce-currency-switcher&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/dec51bd6-2ffe-47b6-9423-6131395bf439?source=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-45109 – Photoshop Desktop | Out-of-bounds Write (CWE-787)
https://notcve.org/view.php?id=CVE-2024-45109
Photoshop Desktop versions 24.7.4, 25.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/photoshop/apsb24-72.html • CWE-787: Out-of-bounds Write •