| Reporter | Title | Published | Views | Family All 12 |
|---|---|---|---|---|
| Exploit for CVE-2024-46310 | 28 Aug 202419:36 | – | githubexploit | |
| Exploit for CVE-2024-46310 | 28 Aug 202419:36 | – | githubexploit | |
| Exploit for CVE-2024-46310 | 28 Aug 202419:36 | – | githubexploit | |
| The vulnerability of the wpDiscuz plugin of the WordPress content management system allows attackers to compromise data integrity. | 29 Oct 202400:00 | – | bdu_fstec | |
| CVE-2024-46310 | 7 Oct 202404:26 | – | circl | |
| Cfx.re FXServer 安全漏洞 | 13 Jan 202500:00 | – | cnnvd | |
| CVE-2024-46310 | 13 Jan 202500:00 | – | cve | |
| CVE-2024-46310 | 13 Jan 202500:00 | – | cvelist | |
| CVE-2024-46310 | 13 Jan 202519:15 | – | nvd | |
| PT-2024-7359 | 4 Jun 202400:00 | – | ptsecurity |
id: CVE-2024-46310
info:
name: FXServer < v9601 - Information Exposure
author: s4e-io
severity: medium
description: |
Incorrect Access Control in FXServer version's v9601 and prior, for CFX.re FiveM, allows unauthenticated users to modify and read userdata via exposed api endpoint.
impact: |
Unauthenticated users can access and modify sensitive userdata including player identifiers and connection information.
remediation: |
Update FXServer to a version later than v9601 that patches the access control vulnerability.
reference:
- https://github.com/UwUtisum/CVE-2024-46310
- https://vulmon.com/vulnerabilitydetails?qid=CVE-2024-46310
- https://vulners.com/githubexploit/D31ED8EC-1E21-54F9-AD42-778DAFBC8B4E
classification:
epss-score: 0.02393
epss-percentile: 0.81972
metadata:
verified: true
max-request: 1
vendor: fxserver
product: fxserver
tags: cve,cve2024,fxserver,info-leak,vuln
http:
- raw:
- |
GET /players.json HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'contains_all(body,"endpoint", "id", "identifiers", "name", "ping")'
- 'status_code == 200'
condition: and
# digest: 4a0a004730450220792e58187245662c6da03d027948dd9660a0d71cfa7e335f8a819cdc056c2511022100c747785a8e64f6ccc45049256945911e238e453cf013829ebf89aa2082805050:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation