1440 matches found

OSV | added 2024/06/09 7:15 p.m. | 3 views

AZL-42427 CVE-2024-5585 affecting package php for versions less than 8.1.29-1

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using proc_open() with array syntax, due to insufficient escaping, if the arguments of the executed command ar...

CVSS 8.8 | AI score 6.5 | EPSS 0.28807 | Exploits 1 | References 1
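The two advisories describe the same shape of bug: `proc_open()` in array mode quoting the command line for the Windows shell, first with attacker-controlled arguments breaking out of the quoting, then with a command name carrying trailing whitespace defeating the fix. The wrapper below is an added example, not PHP project code: it refuses command names with surrounding whitespace, only spawns allow-listed binaries, and refuses to run at all on an interpreter older than the fixed versions the advisory names. The helper names `safe_proc_open` and `php_has_proc_open_fix` and the allow-list are this example's own assumptions.

```php
<?php
// Added example (not PHP project code): a guarded proc_open() wrapper.
// Helper names and the allow-list are assumptions made for this example.

declare(strict_types=1);

/** True when the running PHP is at or past the CVE-2024-5585 fix for its branch. */
function php_has_proc_open_fix(string $version = PHP_VERSION): bool
{
    $fixed = ['8.1' => '8.1.29', '8.2' => '8.2.20', '8.3' => '8.3.8'];
    $branch = implode('.', array_slice(explode('.', $version), 0, 2));
    if (isset($fixed[$branch])) {
        return version_compare($version, $fixed[$branch], '>=');
    }
    // Branches the advisory does not list are outside its scope; anything
    // newer than the last listed fix is treated as carrying it.
    return version_compare($version, '8.3.8', '>=');
}

/**
 * Run argv with proc_open() array syntax, rejecting the inputs the advisories
 * describe: a command name with leading/trailing whitespace (the CVE-2024-5585
 * bypass) and a command name outside the allow-list.
 */
function safe_proc_open(array $argv, array $allowed, ?string &$stdout = null): int
{
    if ($argv === [] || !is_string($argv[0])) {
        throw new InvalidArgumentException('argv[0] must be a command name');
    }
    $cmd = $argv[0];
    if ($cmd !== trim($cmd)) {
        throw new InvalidArgumentException('command name has surrounding whitespace');
    }
    if (!in_array($cmd, $allowed, true)) {
        throw new InvalidArgumentException('command not in allow-list');
    }
    foreach (array_slice($argv, 1) as $arg) {
        if (!is_string($arg) || str_contains($arg, "\0")) {
            throw new InvalidArgumentException('arguments must be NUL-free strings');
        }
    }
    if (!php_has_proc_open_fix()) {
        // On an unpatched interpreter attacker-controlled arguments can still
        // escape the quoting on Windows; refuse rather than hope.
        throw new RuntimeException('PHP ' . PHP_VERSION . ' lacks the CVE-2024-5585 fix');
    }

    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    // bypass_shell keeps cmd.exe out of the picture on Windows (ignored elsewhere).
    $proc = proc_open($argv, $spec, $pipes, null, null, ['bypass_shell' => true]);
    if (!is_resource($proc)) {
        throw new RuntimeException('proc_open failed');
    }
    fclose($pipes[0]);
    $stdout = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    return proc_close($proc);
}

// Constructed usage: the trailing space is exactly the input the advisory
// describes, so it is rejected before anything is spawned.
try {
    safe_proc_open(['/bin/echo ', 'hello'], ['/bin/echo']);
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}
$rc = safe_proc_open(['/bin/echo', 'hello'], ['/bin/echo'], $out);
echo "exit={$rc} output={$out}";
```

The version gate is the part worth keeping even if the rest is replaced: the CVE-2024-1874 fix lives inside PHP's own quoting code, so no amount of argument sanitising in application code substitutes for running a patched interpreter.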
NVD | added 2024/06/07 2:15 p.m. | 12 views

CVE-2024-37160

Formwork is a flat file-based Content Management System (CMS). An attacker requires administrator privileges to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages except the dashboard...

CVSS 4.8 | EPSS 0.00463 | Exploits 1 | References 3
OSV | added 2024/06/07 2:09 p.m. | 25 views

CVE-2024-37160 Formwork has a Cross-site scripting (XSS) vulnerability in Description metadata

Formwork is a flat file-based Content Management System (CMS). An attacker requires administrator privileges to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages except the dashboard...

CVSS 4.8 | AI score 5.4 | EPSS 0.00463 | Exploits 1 | References 5
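What makes the Formwork issue above persistent is that a site-wide option is rendered into a `<meta>` attribute on every page, so one stored value reaches every visitor. The snippet below is an added example, not Formwork code: a template helper that interpolates the option unescaped beside one that escapes for the attribute context. The option name `description`, the function names and the sample payload are this example's assumptions.

```php
<?php
// Added example, not Formwork code. Option name, function names and the
// payload are constructed for this example.

declare(strict_types=1);

// Vulnerable: the stored option lands inside a quoted attribute unescaped, so
// a value containing "> closes the tag and starts a new element.
function meta_description_vulnerable(array $options): string
{
    return '<meta name="description" content="' . ($options['description'] ?? '') . '">';
}

// Hardened: escape for the attribute context. ENT_QUOTES covers both quote
// styles and ENT_SUBSTITUTE keeps malformed UTF-8 from disabling the encoder.
function meta_description_safe(array $options): string
{
    $value = htmlspecialchars(
        (string) ($options['description'] ?? ''),
        ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5,
        'UTF-8'
    );
    return '<meta name="description" content="' . $value . '">';
}

// Constructed site option of the shape a stored-XSS test would use.
$options = ['description' => '"><script>alert(document.domain)</script><meta x="'];

echo meta_description_vulnerable($options), "\n";
echo meta_description_safe($options), "\n";
```

With the vulnerable helper the first `">` terminates the meta tag and the script element is emitted as real markup; with the hardened one the whole value is entity-encoded and stays inside the `content` attribute. The escaping belongs at the output point in the template, since the same option may be rendered elsewhere in a different context.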
NVD | added 2024/06/06 2:15 a.m. | 12 views

CVE-2024-4194

The Album and Image Gallery plus Lightbox plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This mak...

CVSS 7.3 | AI score 6.7 | EPSS 0.00478 | Exploits 0 | References 4
Github Security Blog | added 2024/06/05 2:15 p.m. | 60 views

Arbitrary JavaScript execution due to using outdated libraries

Summary: gradio-pdf projects with dependencies on the pdf.js library are vulnerable to CVE-2024-4367, which allows arbitrary JavaScript execution. PoC: 1. Generate a PDF file with a malicious script in the FontMatrix. This will run alert('XSS'). poc.pdf 2. Run the app. In this PoC, I've used the demo...

CVSS 8.8 | AI score 8.3 | EPSS 0.72648 | Exploits 14 | References 3 | Affected software 1
NVD | added 2024/06/03 2:15 p.m. | 11 views

CVE-2024-36569

Sourcecodester Gas Agency Management System v1.0 is vulnerable to arbitrary code execution via editClientImage.php...

CVSS 8.1 | AI score 7.4 | EPSS 0.00571 | Exploits 1 | References 1
NVD | added 2024/05/28 4:15 p.m. | 14 views

CVE-2024-33805

A SQL injection vulnerability in /model/getstudent.php in campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the id parameter...

CVSS 9.8 | AI score 8.2 | EPSS 0.0051 | Exploits 1 | References 1
Talos | added 2024/05/28 12:00 a.m. | 32 views

AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability

Talos Vulnerability Report TALOS-2024-1943. AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability. May 28, 2024. CVE Number: CVE-2024-23601. SUMMARY: A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E...

CVSS 9.8 | AI score 9.6 | EPSS 0.0072 | Exploits 0
CVE | added 2024/05/24 8:30 a.m. | 53 views

CVE-2024-4037

CVE-2024-4037 affects the WordPress plugin WP Photo Album Plus (all versions up to 8.7.02.003). The issue is an unauthenticated shortcode-execution flaw where an action does not properly validate a value before running do_shortcode, enabling unauthenticated attackers to execute arbitrary shortcod...

CVSS 7.3 | AI score 7 | EPSS 0.00478 | Exploits 0 | References 4 | Affected software 1
RedHat Linux | added 2024/05/23 6:59 a.m. | 3 views

libreoffice: Improper Input Validation leading to arbitrary gstreamer plugin execution

An improper input validation vulnerability was found in LibreOffice. In versions where filenames are not sufficiently escaped, an attacker can execute arbitrary GStreamer plugins...

CVSS 8.8 | AI score 6 | EPSS 0.01017 | Exploits 0 | References 5
Vulnrichment | added 2024/05/22 12:44 p.m. | 13 views

CVE-2024-4261 Responsive Contact Form Builder & Lead Generation Plugin <= 1.9.1 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

The Responsive Contact Form Builder & Lead Generation Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.9.1. This is due to the software allowing users to execute an action that does not properly validate a value before running...

CVSS 5.4 | AI score 7.3 | EPSS 0.00326 | Exploits 0 | References 2
CVE | added 2024/05/22 12:44 p.m. | 47 views

CVE-2024-4261

CVE-2024-4261 affects the Responsive Contact Form Builder & Lead Generation Plugin for WordPress, enabling authenticated users with subscriber+ privileges to execute arbitrary shortcodes via improper validation in do_shortcode. The Red Hat entry corroborates the issue and the Wordfence summary no...

CVSS 5.4 | AI score 6.2 | EPSS 0.00326 | Exploits 0 | References 2
NVD | added 2024/05/14 4:17 p.m. | 12 views

CVE-2024-4144

The Simple Basic Contact Form plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 20240502. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on the functionality of...

CVSS 6.5 | AI score 7.2 | EPSS 0.00662 | Exploits 0 | References 3
Cvelist | added 2024/05/14 5:33 a.m. | 23 views

CVE-2024-4144 Simple Basic Contact Form <= 20240502 - Unauthenticated Arbitrary Shortcode Execution

The Simple Basic Contact Form plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 20240502. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on the functionality of...

CVSS 6.5 | AI score 7.8 | EPSS 0.00662 | Exploits 0 | References 3
WPVulnDB | added 2024/05/13 12:00 a.m. | 10 views

Simple Basic Contact Form < 20240511 - Unauthenticated Arbitrary Shortcode Execution

Description: The Simple Basic Contact Form plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 20240502. This allows unauthenticated attackers to execute arbitrary shortcodes. The severity and exploitability depends on the...

CVSS 6.5 | AI score 7.7 | EPSS 0.00662 | Exploits 0 | References 1 | Affected software 1
WPVulnDB | added 2024/05/09 12:00 a.m. | 11 views

Orders Tracking for WooCommerce < 1.2.11 - Unauthenticated Arbitrary Shortcode Execution

Description: The Orders Tracking for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.10. This is due to the plugin allowing users to execute an action that does not properly validate a value before running...

CVSS 6.5 | AI score 7.4 | EPSS 0.00623 | Exploits 0 | References 1 | Affected software 1
NVD | added 2024/05/08 10:15 a.m. | 11 views

CVE-2024-4135

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

CVSS 5.4 | AI score 6.3 | EPSS 0.00376 | Exploits 0 | References 2
Vulnrichment | added 2024/05/08 9:31 a.m. | 10 views

CVE-2024-4135 WP Latest Posts <= 5.0.7 - Authenticated (Subscriber+) Arbitrary Shortcode Execution

The WP Latest Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.0.7. This is due to the plugin allowing users to execute an action that does not properly validate a user-supplied value prior to using that value in a call to...

CVSS 5.4 | AI score 6.2 | EPSS 0.00376 | Exploits 0 | References 2
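The WordPress entries on this page (CVE-2024-4194, CVE-2024-4037, CVE-2024-4261, CVE-2024-4144, Orders Tracking for WooCommerce, CVE-2024-4135) all describe one pattern: an action handler that takes a request value and passes it to `do_shortcode()` without validating it, sometimes reachable without authentication. The code below is an added example and is not taken from any of those plugins. It shows that handler shape beside a hardened version that keeps the handler off the `nopriv` hook, checks a nonce and a capability, and assembles the shortcode server-side from an allow-list of tags and attribute names. The `acme_` prefix, the action and nonce names and the allow-list are this example's assumptions; `do_shortcode`, `shortcode_exists`, `check_ajax_referer`, `current_user_can`, `sanitize_key`, `sanitize_text_field`, `wp_unslash` and `wp_send_json_*` are WordPress core functions.

```php
<?php
// Added example, not code from any plugin listed on this page. The acme_
// prefix, hook names, nonce action and allow-list are assumptions.

// --- Vulnerable pattern -------------------------------------------------
// Hooked on wp_ajax_nopriv_* as well, so unauthenticated visitors reach it,
// and whatever the request contains is rendered as shortcode text.
add_action('wp_ajax_acme_render', 'acme_render_vulnerable');
add_action('wp_ajax_nopriv_acme_render', 'acme_render_vulnerable');
function acme_render_vulnerable(): void
{
    $shortcode = wp_unslash($_POST['shortcode'] ?? '');
    echo do_shortcode($shortcode); // any registered tag, any attributes
    wp_die();
}

// --- Hardened pattern ---------------------------------------------------
// Authenticated only, nonce-checked, and the server builds the shortcode from
// an allow-list of tags and attribute names instead of parsing request text.
const ACME_ALLOWED_SHORTCODES = [
    'acme_gallery' => ['id', 'columns'], // tag => attributes the caller may set
];

add_action('wp_ajax_acme_render_safe', 'acme_render_safe');
function acme_render_safe(): void
{
    check_ajax_referer('acme_render', 'nonce');
    if (!current_user_can('edit_posts')) {
        wp_send_json_error('forbidden', 403);
    }

    $tag = sanitize_key($_POST['tag'] ?? '');
    if (!isset(ACME_ALLOWED_SHORTCODES[$tag]) || !shortcode_exists($tag)) {
        wp_send_json_error('unknown shortcode', 400);
    }

    $requested = is_array($_POST['atts'] ?? null) ? $_POST['atts'] : [];
    $atts = '';
    foreach (ACME_ALLOWED_SHORTCODES[$tag] as $name) {
        if (!isset($requested[$name]) || !is_string($requested[$name])) {
            continue;
        }
        // Strip the characters that could close this shortcode or its
        // attribute quoting, so a value cannot smuggle in a second tag.
        $value = str_replace(['[', ']', '"'], '', sanitize_text_field(wp_unslash($requested[$name])));
        $atts .= sprintf(' %s="%s"', $name, $value);
    }

    wp_send_json_success(do_shortcode(sprintf('[%s%s]', $tag, $atts)));
}
```

The nonce and capability checks alone are not enough: a subscriber-level account that can reach a handler taking free-form shortcode text can invoke any shortcode registered by any other active plugin, which is why the advisories rate severity by "the functionality of" the other installed shortcodes. Building the string from an allow-list on the server is what removes that reach.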
CNNVD | added 2024/05/07 12:00 a.m. | 2 views

SEMCMS SQL injection vulnerability

SEMCMS is a foreign trade web content management system (CMS) that supports multiple languages. SEMCMS 4.8 and earlier versions suffer from a SQL injection vulnerability, which stems from the application not validating externally supplied input used in SQL statements, and can be exploited by attackers to...

CVSS 6.5 | AI score 8.1 | EPSS 0.0057 | Exploits 1 | References 5
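Both CVE-2024-33805 (the `id` parameter of /model/getstudent.php) and the SEMCMS entry above are injections of the same kind: a request parameter spliced into SQL text. The snippet below is an added example, not code from either application. It shows a lookup by id written with string concatenation next to the same lookup with a validated integer bound through a PDO prepared statement, run against an in-memory SQLite database so it works offline. The table, columns, DSN, function names and the payload are this example's assumptions.

```php
<?php
// Added example, not code from either application. Schema, data and the
// payload are constructed; SQLite in memory stands in for the real database.

declare(strict_types=1);

$pdo = new PDO('sqlite::memory:', null, null, [
    PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
]);
$pdo->exec('CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT, ssn TEXT)');
$pdo->exec("INSERT INTO students VALUES (1, 'Ada', '111-11-1111'), (2, 'Bob', '222-22-2222')");

// Vulnerable: the request value becomes part of the SQL text.
function get_student_vulnerable(PDO $pdo, string $id): array
{
    return $pdo->query("SELECT id, name FROM students WHERE id = $id")
               ->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: validate the value as an integer, then bind it as a parameter so
// the database never parses it as SQL.
function get_student_safe(PDO $pdo, string $id): array
{
    if (filter_var($id, FILTER_VALIDATE_INT) === false) {
        return [];
    }
    $stmt = $pdo->prepare('SELECT id, name FROM students WHERE id = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed payload: a tautology that also pulls a second column set in.
$payload = '1 OR 1=1 UNION SELECT id, ssn FROM students';

print_r(get_student_vulnerable($pdo, $payload));
print_r(get_student_safe($pdo, $payload));
print_r(get_student_safe($pdo, '2'));
```

Against the vulnerable function the payload returns every row twice, once with names and once with the `ssn` column in the `name` slot; the hardened function rejects the payload outright because it is not an integer, and returns only Bob's row for `'2'`. Binding is the defence; the integer check in front of it is what turns malformed input into an early, loggable rejection instead of a zero-row result.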
Veracode | added 2024/05/02 8:09 a.m. | 16 views

Cross Site Scripting (XSS)

yapi-vendor is vulnerable to Cross Site Scripting (XSS). The vulnerability is due to insufficient input validation in its Advanced Expectation - Response module, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field...

CVSS 7.4 | AI score 6.7 | EPSS 0.00493 | Exploits 0 | References 2 | Affected software 1