Lucene search
K

6 matches found

NVD
NVD
added 2024/08/08 12:15 a.m.43 views

CVE-2024-6891

Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow...

8.8CVSS0.00953EPSS
Exploits3References2
0day.today
0day.today
added 2024/08/08 12:0 a.m.218 views

Journyx 11.5.4 Authenticated Remote Code Execution Vulnerability

Journyx version 11.5.4 has an issue where attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow. Title: Journyx Authenticated Remote Code Execution Advisory ID: KL-001-2024-008 Publication Date: 2024.08.07 Publication URL:...

8.8CVSS7.7AI score0.00953EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/08 12:0 a.m.341 views

Journyx 11.5.4 Authenticated Remote Code Execution

KL-001-2024-008: Journyx Authenticated Remote Code Execution Title: Journyx Authenticated Remote Code Execution Advisory ID: KL-001-2024-008 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-008.txt 1. Vulnerability Details Affected Vendor: Journ...

8.8CVSS7.1AI score0.00953EPSS
Exploits3
Cvelist
Cvelist
added 2024/08/07 11:13 p.m.40 views

CVE-2024-6891 Journyx Authenticated Remote Code Execution

Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow...

0.00953EPSS
Exploits3References1
Vulnrichment
Vulnrichment
added 2024/08/07 11:13 p.m.15 views

CVE-2024-6891 Journyx Authenticated Remote Code Execution

Attackers with a valid username and password can exploit a python code injection vulnerability during the natural login flow...

7.6AI score0.00953EPSS
Exploits3References1
KoreLogic Security
KoreLogic Security
added 2024/08/07 12:0 a.m.33 views

Journyx Authenticated Remote Code Execution

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-94: Improper Control of Generation of Code 'Code Injection', CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code 'Eval...

8.8CVSS7.5AI score0.00953EPSS
Exploits3Affected Software1
Rows per page
Query Builder