CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

RedhatCVE•added 2025/05/23 8:59 a.m.•4 views

CVE-2024-36572

Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue...

9.8CVSS7.4AI score0.00375EPSS

Exploits1References1

NVD•added 2024/07/30 8:15 p.m.•16 views

CVE-2024-36572

Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue...

9.8CVSS0.00375EPSS

Exploits1References2

Positive Technologies•added 2024/07/30 12:0 a.m.•2 views

PT-2024-27072 · Unknown · Allpro Form-Manager

Name of the Vulnerable Software and Affected Versions: allpro form-manager version 0.7.4 Description: The issue allows attackers to run arbitrary code and cause other impacts. This is achieved via the functions setDefaults, mergeBranch, and Object.setObjectValue. Recommendations: For allpro...

9.8CVSS7.5AI score0.00375EPSS

Exploits1References5

Vulnrichment•added 2024/07/30 12:0 a.m.•11 views

CVE-2024-36572

Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue...

7.6AI score0.00375EPSS

Exploits1References2

CVE•added 2024/07/30 12:0 a.m.•55 views

CVE-2024-36572

CVE-2024-36572 concerns prototype pollution in allpro form-manager 0.7.4. The issue arises through the functions setDefaults , mergeBranch , and Object.setObjectValue , enabling attackers to manipulate Object.prototype and potentially achieve arbitrary code execution or other impacts as described...

9.8CVSS7.6AI score0.00375EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by