Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 2024/10/31 9:49 p.m.10 views

GHSA-6H8W-HRFP-PFFX Plenti arbitrary file deletion vulnerability

Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...

9.3CVSS7.3AI score0.00773EPSS
Exploits1References5
NVD
NVDadded 2024/10/25 2:15 p.m.20 views

CVE-2024-49381

Plenti, a static site generator, has an arbitrary file deletion vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write deletion when a plenti user serves their website. This issue may lead to information loss. Version 0.7.2 fixes the vulnerabili...

8.7CVSS0.00773EPSS
Exploits1References3
Cvelist
Cvelistadded 2024/10/25 1:4 p.m.18 views

CVE-2024-49380 Plenti arbitrary file write vulnerability

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS0.02763EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2024/10/25 1:4 p.m.15 views

CVE-2024-49380 Plenti arbitrary file write vulnerability

Plenti, a static site generator, has an arbitrary file write vulnerability in versions prior to 0.7.2. The /postLocal endpoint is vulnerable to an arbitrary file write vulnerability when a plenti user serves their website. This issue may lead to Remote Code Execution. Version 0.7.2 fixes the...

9.3CVSS7.5AI score0.02763EPSS
Exploits1References3
CVE
CVEadded 2024/10/25 1:4 p.m.104 views

CVE-2024-49380

CVE-2024-49380 affects Plenti (static site generator) prior to v0.7.2. Affected component: the /postLocal endpoint, which allows arbitrary file writes and may enable remote code execution. Impact is described as High/CRITICAL depending on metric source. The issue is fixed in v0.7.2. Remediation: ...

9.3CVSS6.8AI score0.02763EPSS
In wildExploits1References3Affected Software1
Github Security Blog
Github Security Blogadded 2021/05/25 6:44 p.m.70 views

Arbitrary code execution due to an uncontrolled search path for the git binary

Impact The go language recently addressed a security issue in the way that binaries are found before being executed. Some operating systems like Windows persist to have the current directory being part of the default search path, and having priority over the system-wide path. This means that it's...

9.8CVSS3AI score0.01719EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder