@RISK: The Consensus Security Vulnerability Alert

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Mapping Threats with DNSTwist and the Internet Storm Center [Guest Diary]

Published: 2024-08-20

Last Updated: 2024-08-21 00:17:41 UTC

by Guy Bruneau (Version: 1)

[This is a Guest Diary by Michael Tigges, an ISC intern as part of the SANS.edu BACS program]

On July 16, 2024, I received notification of a suspicious tunnel being opened via SSH in relation to the medical image viewing software "MicroDICOM". MicroDICOM is a medical imagery software and processing engine commonly used to examine x-ray’s, MRIs, and ultrasounds. This was atypical for this application-- while it contained the capabilities to perform network sharing, this application reused private keys and generally engaged in unsafe practices for a method that might connect to an organizational resource. Furthermore, all files were connecting back to the same IP address, 209.127.37.48. Upon investigation, we were able to determine that this application was not, in fact, the application it purported to be, but instead part of large phishing campaign that appeared to prey on a recent Common Vulnerability & Exploit (CVE) notification from the Cybersecurity & Infrastructure Security Agency (CISA).

On July 11, 2024, CISA released ICS Medical Advisory 'ICSMA-24-163-01'. This advisory raised two CVEs to public attention:

CVE-2024-33606 (CVSS 8.8) for the improper authorization for custom URL scheme.

CVE-2024-28877 (CVSS 8.8) for a stack buffer overflow.

The combination of these CVE's necessitates an immediate update to this application, and in fact, proper security due diligence would be to mitigate this as soon as possible with updating/patching. As such, a large portion of the MicroDICOM users were likely looking to update their software.

Behavioral Analysis

Armed with this context, we can focus on our binary analysis. I retrieved the payload from the host system that fired the alert. Our application, `MicroDicom-2024.2+2.exe` was much larger than the original application at 179 MB, versus the typical 10MB to 12.5MB that the original application is. Our first hint aside from the obvious non-matching file hash and size that we may be dealing with adversarial behavior came through the certificate utilized by this application, "Helping businesses Limited". (Bonus: This is a commonly abused signature! More on that at the end.)

Further examination of the application in a sandbox revealed the presence of several artifacts of interest inconsistent with the general behavior of this service. The first, `UpdaterSvc.exe` is a service registered on the target system upon installation of the suspicious MicroDICOM application. This service is quite simple, and process hierarchy reveals that this is responsible for the invocation of our second artifact of interest, 7655.bat. This, in turn, is responsible for the construction and execution of our SSH tunnel. Armed with this knowledge, we can begin enumeration in earnest to find some more information regarding potential attack vectors for our MicroDICOM application.

Read the full entry:

https://isc.sans.edu/diary/Mapping+Threats+with+DNSTwist+and+the+Internet+Storm+Center+Guest+Diary/31188/

Where are we with CVE-2024-38063: Microsoft IPv6 Vulnerability

Published: 2024-08-20

Last Updated: 2024-08-20 14:06:39 UTC

by Johannes Ullrich (Version: 1)

I recorded a quick live stream with a quick update on CVE-2024-38063. The video focuses on determining the exploitability, particularly whether your systems are reachable by IPv6.

After recording this video, Stephen Sims pointed me to a thread on X published yesterday. It goes over some of the possible exploit paths. The main takeaway is that it will likely take multiple packets to successfully exploit this issue, and exploitation will likely not be reliable. Some of the discussion also reminds me of a recent IPv4 issue in FreeBSD.

The FreeBSD issue was caused by ICMP error messages sent in response to crafted ICMP requests. ICMP options included in the response caused a buffer overflow. Something similar may be happening here. If I read the X thread correctly, multiple queued errors are required in the case of CVE-2024-38063.

See this "Packet Tuesday" video about the FreeBSD issue: https://www.youtube.com/watch?v=Bgmfl17AQWA

Read the full entry:

https://isc.sans.edu/diary/Where+are+we+with+CVE202438063+Microsoft+IPv6+Vulnerability/31186/

Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python (2024.08.19)

https://isc.sans.edu/diary/Do+you+Like+Donuts+Here+is+a+Donut+Shellcode+Delivered+Through+PowerShellPython/31182/

[Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools (2024.08.16)

https://isc.sans.edu/diary/Guest+Diary+7+minutes+and+4+steps+to+a+quick+win+A+writeup+on+custom+tools/31170/

Wireshark 4.4.0rc1's Custom Columns (2024.08.15)

https://isc.sans.edu/diary/Wireshark+440rc1s+Custom+Columns/31174/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: Microsoft Windows 10 1507

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38063

ISC Diary: https://isc.sans.edu/diary/31186

ISC Podcast: https://isc.sans.edu/podcastdetail/9098

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063

Product: Ivanti vTM

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7593

ISC Podcast: https://isc.sans.edu/podcastdetail/9098

NVD References: https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Virtual-Traffic-Manager-vTM-CVE-2024-7593

Product: Ivanti ITSM

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7569

NVD References:

Product: Ivanti Avalanche

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38652

NVD References:

CVE-2024-38652-CVE-2024-38653-

Product: Solarwinds Web Help Desk

CVSS Score: 9.8

** KEV since 2024-08-15 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28986

NVD References:

- https://support.solarwinds.com/SuccessCenter/s/article/WHD-12-8-3-Hotfix-1

- https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-28986

Product: PHP

CVSS Score: 0

** KEV since 2024-06-12 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-4577

ISC Podcast: https://isc.sans.edu/podcastdetail/9106

Product: Microsoft Windows 10 1507

CVSS Score: 7.0

** KEV since 2024-08-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38106

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38106

Product: Microsoft Windows 10 1507

CVSS Score: 7.8

** KEV since 2024-08-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38107

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38107

Product: Microsoft Windows 10 1507

CVSS Score: 7.5

** KEV since 2024-08-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38178

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38178

Product: Microsoft 365 Apps

CVSS Score: 8.8

** KEV since 2024-08-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38189

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38189

Product: Microsoft Windows 10 1507

CVSS Score: 7.8

** KEV since 2024-08-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38193

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38193

Product: Microsoft Windows 10 1507

CVSS Score: 6.5

** KEV since 2024-08-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38213

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38213

Product: Siemens SINEC NMS

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-41940

NVD References: https://cert-portal.siemens.com/productcert/html/ssa-784301.html

Product: Microsoft Azure Stack Hub

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38108

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38108

Product: Microsoft Windows 10 1507

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38140

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38140

Product: Microsoft Windows 10 1607

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38159

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38160

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38159

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38160

Product: Microsoft Windows 10 1507

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38199

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38199

Product: Rems Accounts Manager App

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7748

NVD References:

- https://github.com/joinia/webray.com.cn/blob/main/Accounts-Manager-App/Accounts-Manager-Appsql.md

- https://vuldb.com/?ctiid.274367

- https://vuldb.com/?id.274367

- https://vuldb.com/?submit.389358

Product: MediaTek Modem

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20082

NVD References: https://corp.mediatek.com/product-security-bulletin/August-2024

Product: SECOM Dr.ID Access Control System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7731

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7732

NVD References:

-https://www.twcert.org.tw/en/cp-139-8006-036f5-2.html

- https://www.twcert.org.tw/tw/cp-132-8005-c3c94-1.html

- https://www.twcert.org.tw/en/cp-139-8008-32677-2.html

- https://www.twcert.org.tw/tw/cp-132-8007-803d6-1.html

Product: Adobe Magento 2.4.7

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-39397

NVD References: https://helpx.adobe.com/security/products/magento/apsb24-61.html

Product: Palo Alto Networks Cortex XSOAR CommonScripts Pack

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5914

NVD References: https://security.paloaltonetworks.com/CVE-2024-5914

Product: Wurmlab SequenceServer

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42360

NVD References:

- https://github.com/wurmlab/sequenceserver/commit/457e52709f7f9ed2fceed59b3db564cb50785dba

- https://github.com/wurmlab/sequenceserver/security/advisories/GHSA-qv32-5wm2-p32h

Product: Adrianmercurio Vehicle Management System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7794

NVD References:

- https://github.com/ppp-src/ha/issues/5

- https://vuldb.com/?ctiid.274562

- https://vuldb.com/?id.274562

- https://vuldb.com/?submit.389900

Product: Oretnom23 Simple Online Bidding System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7797

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7798

NVD References:

- https://github.com/Wsstiger/cve/blob/main/Sourcecoster_sql.md

-https://vuldb.com/?ctiid.274650

- https://vuldb.com/?id.274650

- https://vuldb.com/?submit.390290

- https://github.com/Wsstiger/cve/blob/main/Sourcecoster_sql2.md

- https://vuldb.com/?ctiid.274651

- https://vuldb.com/?id.274651

- https://vuldb.com/?submit.390297

Product: Fabianros Job Portal

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7808

NVD References:

- https://github.com/XYgit-99/cve/issues/1

- https://vuldb.com/?ctiid.274704

- https://vuldb.com/?id.274704

- https://vuldb.com/?submit.390329

Product: Rems Daily Expenses Monitoring App

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7811

NVD References:

- https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/daily%20expenses%20monitoring%20app%20-%20delete-expense.php%20sql%20injection%20vulnerability.md

- https://vuldb.com/?ctiid.274707

- https://vuldb.com/?id.274707

- https://vuldb.com/?submit.390947

Product: D-Link DNS-120 and others

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7828

NVD References:

- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_set_cover.md

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.274726

- https://vuldb.com/?id.274726

- https://vuldb.com/?submit.390114

Product: D-Link DNS-120 and others

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7829

NVD References:

- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_del_photo.md

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.274727

- https://vuldb.com/?id.274727

- https://vuldb.com/?submit.390117

Product: D-Link DNS-120 and others

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7830

NVD References:

- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_move_photo.md

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.274728

- https://vuldb.com/?id.274728

- https://vuldb.com/?submit.390118

Product: D-Link DNS-120 and others

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7831

NVD References:

- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_cooliris.md

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.274729

- https://vuldb.com/?id.274729

- https://vuldb.com/?submit.390119

Product: D-Link DI-8100

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7833

NVD References:

- https://github.com/aLtEr6/pdf/blob/main/3.pdf

- https://vuldb.com/?ctiid.274731

- https://vuldb.com/?id.274731

- https://vuldb.com/?submit.385338

Product: Projectworlds Online Examination System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42843

NVD References: https://github.com/ganzhi-qcy/cve/issues/6

Product: Tenda FH1201

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42947

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1201/telnet.md

Product: Tenda FH1206

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42978

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/Tenda/FH1206/telnet.md

Product: Tenda AC9

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42634

NVD References: https://github.com/goldds96/Report/blob/main/Tenda/AC9/CI.md

Product: Totolink N350Rt

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42966

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/N350R/ExportSettings.md

Product: Totolink Lr350

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42967

NVD References: https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/LR350/ExportSettings.md

Product: Xiexe XSOverlay

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23168

NVD References:

- https://github.com/Xiexe/XSOverlay-Issue-Tracker

- https://store.steampowered.com/news/app/1173510?emclan=103582791465938574&emgid=7792991106417394332

- https://vuln.ryotak.net/advisories/70

Product: Friendica

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27730

NVD References:

- https://github.com/friendica/friendica/pull/13927

- https://leo.oliver.nz/posts/2024/05/friendica-cve-disclosures/

Product: Flatpak

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42472

NVD References:

- https://github.com/containers/bubblewrap/commit/68e75c3091c87583c28a439b45c45627a94d622c

- https://github.com/containers/bubblewrap/commit/a253257cd298892da43e15201d83f9a02c9b58b5

- https://github.com/flatpak/flatpak/commit/2cdd1e1e5ae90d7c3a4b60ce2e36e4d609e44e72

- https://github.com/flatpak/flatpak/commit/3caeb16c31a3ed62d744e2aaf01d684f7991051a

- https://github.com/flatpak/flatpak/commit/6bd603f6836e9b38b9b937d3b78f3fbf36e7ff75

- https://github.com/flatpak/flatpak/commit/7c63e53bb2af0aae9097fd2edfd6a9ba9d453e97

- https://github.com/flatpak/flatpak/commit/8a18137d7e80f0575e8defabf677d81e5cc3a788

- https://github.com/flatpak/flatpak/commit/db3a785241fda63bf53f0ec12bb519aa5210de19

- https://github.com/flatpak/flatpak/security/advisories/GHSA-7hgv-f2j8-xw87

Product: Asus RT-N15U

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42757

NVD References: https://github.com/Nop3z/CVE/blob/main/Asus/FW_RT_N15U_30043763754/FW_RT_N15U_30043763754%20RCE.md

Product: Kevinwong Online Food Ordering System

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7838

NVD References:

- https://github.com/ppp-src/a/issues/1

- https://vuldb.com/?ctiid.274742

- https://vuldb.com/?id.274742

- https://vuldb.com/?submit.391525

Product: Angeljudesuarez Billing System

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7839

NVD References:

- https://github.com/ppp-src/a/issues/2

- https://vuldb.com/?ctiid.274743

- https://vuldb.com/?id.274743

- https://vuldb.com/?submit.391531

Product: H3C R3010

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42637

NVD References:

- https://palm-vertebra-fe9.notion.site/H3C-R3010V100R002L02-was-discovered-to-contain-a-hardcoded-d3212602f84443d4b17e3247b3e6b129

- https://www.h3c.com/cn/d_202308/1907175_30005_0.htm

Product: H3C GR1100-P

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42639

NVD References:

- https://palm-vertebra-fe9.notion.site/H3C-GR1100-PV100R009-was-discovered-to-contain-a-hardcoded-824141daa44f4c52a914860c6e4a7684

- https://www.h3c.com/cn/d_202308/1912371_30005_0.htm

Product: Silverpeas

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42850

NVD References:

- http://silverpeas.com

- https://github.com/njmbb8/CVE-2024-42850

Product: InPost, InPost for WooCommerce

Active Installations: InPost PL: 7,000+; woo-InPost has been closed since August 8

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6500

NVD References:

- https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L267

- https://plugins.trac.wordpress.org/browser/inpost-for-woocommerce/trunk/src/InspireLabs/WoocommerceInpost/EasyPack_Helper.php#L75

- https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L140

- https://plugins.trac.wordpress.org/browser/woo-inpost/trunk/classes/class-helper.php#L216

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3115602%40inpost-for-woocommerce%2Ftrunk&old=3110579%40inpost-for-woocommerce%2Ftrunk&sfp_email=&sfph_mail=

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3125034%40woo-inpost%2Ftrunk&old=2886304%40woo-inpost%2Ftrunk&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/7b57e750-71ec-4c52-999b-6c14a78c3bff?source=cve

Product: TOTOLINK X6000R

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7907

NVD References:

- https://github.com/BeaCox/IoT_vuln/tree/main/totolink/x6000R/setSyslogCfg_injection

- https://vuldb.com/?ctiid.275033

- https://vuldb.com/?id.275033

- https://vuldb.com/?submit.388424

Product: TOTOLINK EX1200L

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7908

NVD References:

- https://github.com/BeaCox/IoT_vuln/tree/main/totolink/EX1200L/setDefResponse_bof

- https://vuldb.com/?ctiid.275034

- https://vuldb.com/?id.275034

- https://vuldb.com/?submit.388435

Product: TOTOLINK EX1200L

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7909

NVD References:

- https://github.com/BeaCox/IoT_vuln/tree/main/totolink/EX1200L/setLanguageCfg_bof

- https://vuldb.com/?ctiid.275035

- https://vuldb.com/?id.275035

- https://vuldb.com/?submit.388436

Product: Oretnom23 Simple Online Bidding System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7911

NVD References:

- https://github.com/Wsstiger/cve/blob/main/simple_include.md

- https://vuldb.com/?ctiid.275037

- https://vuldb.com/?id.275037

- https://vuldb.com/?submit.391657

Product: Angeljudesuarez Billing System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7913

NVD References:

- https://github.com/ppp-src/a/issues/4

- https://vuldb.com/?ctiid.275039

- https://vuldb.com/?id.275039

- https://vuldb.com/?submit.391841

Product: Microcks

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44076

NVD References:

- https://github.com/microcks/microcks/compare/1.9.1-fix-1...1.10.0

- https://github.com/microcks/microcks/issues/1212

- https://github.com/microcks/microcks/releases/tag/1.10.0

Product: Hex-Rays IDA Pro

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-44083

NVD References: https://github.com/Azvanzed/IdaMeme

Product: GEO my WP WordPress plugin

Active Installations: 5,000+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6330

NVD References: https://wpscan.com/vulnerability/95b532e0-1ffb-421e-b9c0-de03f89491d7/

Product: Opensecurity Mobile Security Framework

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43399

NVD References:

- https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/cc625fe8430f3437a473e82aa2966d100a4dc883

- https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-4hh3-vj32-gr6j

Product: D-Link DNS-120 and others

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7922

NVD References:

- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_create_playlist.md

- https://github.com/BuaaIOTTeam/Iot_Dlink_NAS/blob/main/DNS_cgi_get_tracks_list.md

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.275108

- https://vuldb.com/?id.275108

- https://vuldb.com/?submit.391669

Product: Liquid Web GiveWP

Active Installations: 100,000+

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-37099

NVD References: https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-3-14-1-unauthenticated-php-object-injection-vulnerability?_s_id=cve

Product: Nepstech NTPL-XPON1GFEVN

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42658

NVD References:

- https://github.com/sudo-subho/CVE-2024-42658

- https://www.linkedin.com/in/subhodeep-baroi-397629252/

- https://x.com/sudo_subho

CVE-2024-43240 - Ultimate Membership Pro is vulnerable to Privilege Escalation due to Improper Privilege Management, impacting versions up to 12.6.

Product: azzaroco Ultimate Membership Pro

Active Installations: 100+

CVSS Score: 9.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43240

NVD References: https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-privilege-escalation-vulnerability?_s_id=cve

CVE-2024-43242 - Ultimate Membership Pro is vulnerable to deserialization of untrusted data which allows object injection, affecting versions from n/a through 12.6.

Product: azzaroco Ultimate Membership Pro

Active Installations: 100+

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43242

NVD References: https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-php-object-injection-vulnerability?_s_id=cve

CVE-2024-43245 - Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.

Product: eyecix JobSearch

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43245

NVD References: https://patchstack.com/database/vulnerability/wp-jobsearch/wordpress-jobsearch-plugin-2-3-4-unauthenticated-account-takeover-vulnerability?_s_id=cve

CVE-2024-43249 - Bit Form Pro allows Command Injection through an Unrestricted Upload of File with Dangerous Type vulnerability.

Product: Bit Apps Bit Form Pro

Active Installations:

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43249

NVD References: https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve

CVE-2024-43252 - Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue affects Crew HRM: from n/a through 1.1.1.

Product: Crew HRM

Active Installations: 80+

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43252

NVD References: https://patchstack.com/database/vulnerability/hr-management/wordpress-crew-hrm-plugin-1-1-1-php-object-injection-vulnerability?_s_id=cve

CVE-2024-43261 - Compute Links by Hamed Naderfar is vulnerable to PHP Remote File Inclusion from versions n/a through 1.2.1.

Product: Hamed Naderfar Compute Links

Active Installations: unknown

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43261

NVD References: https://patchstack.com/database/vulnerability/compute-links/wordpress-compute-links-plugin-1-2-1-remote-file-inclusion-vulnerability?_s_id=cve

CVE-2024-42813 - TRENDnet TEW-752DRU FW1.03B01 is vulnerable to a buffer overflow in gena.cgi, allowing attackers to crash the device or execute arbitrary commands.

Product: TRENDnet TEW-752DRU

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42813

NVD References: https://gist.github.com/XiaoCurry/204680035c1efffa27d14956820ad928

CVE-2024-43311 - Geek Code Lab Login As Users allows Privilege Escalation due to Improper Privilege Management from n/a through 1.4.2.

Product: Geek Code Lab Login As Users

Active Installations: 300+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43311

NVD References: https://patchstack.com/database/vulnerability/login-as-users/wordpress-login-as-users-plugin-1-4-2-broken-authentication-vulnerability?_s_id=cve

CVE-2024-43354 - Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue affects myCred: from n/a through 2.7.2.

Product: myCred

Active Installations: 10,000+

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43354

NVD References: https://patchstack.com/database/vulnerability/mycred/wordpress-mycred-plugin-2-7-2-php-object-injection-vulnerability?_s_id=cve

CVE-2024-5932 - The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input, allowing attackers to execute remote code and delete files.

Product: GiveWP Donation Plugin

Active Installations: 100,000+

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5932

NVD References:

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/login-register.php#L235

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/process-donation.php#L420

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/src/DonorDashboards/Tabs/EditProfileTab/AvatarRoute.php#L51

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/tecnickcom/tcpdf/tcpdf.php#L7861

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/vendor-prefixed/fakerphp/faker/src/Faker/ValidGenerator.php#L80

- https://plugins.trac.wordpress.org/changeset/3132247/

- https://www.wordfence.com/blog/2024/08/4998-bounty-awarded-and-100000-wordpress-sites-protected-against-unauthenticated-remote-code-execution-vulnerability-patched-in-givewp-wordpress-plugin/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/93e2d007-8157-42c5-92ad-704dc80749a3?source=cve

CVE-2024-7777 - The Contact Form by Bit Form for WordPress is vulnerable to arbitrary file read and deletion, allowing authenticated attackers to potentially achieve remote code execution.

Product: Bit Form The Contact Form

Active Installations: 6,000+

CVSS Score: 9.0 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7777

NVD References:

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L829

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L852

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L875

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L898

- https://www.wordfence.com/threat-intel/vulnerabilities/id/4deb128d-0163-4a8e-9591-87352f74c3ef?source=cve

CVE-2024-6847 - The Chatbot with ChatGPT WordPress plugin before 2.4.5 is vulnerable to SQL injection via unauthenticated user-submitted messages.

Product: ChatGPT Chatbot

Active Installations: 30+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6847

NVD References: https://wpscan.com/vulnerability/baa860bb-3b7d-438a-ad54-92bf8e21e851/

CVE-2024-43202 - Apache DolphinScheduler is vulnerable to remote code execution before version 3.2.2, users should update to the latest version to fix the issue.

Product: Apache DolphinScheduler

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43202

NVD References:

- https://github.com/apache/dolphinscheduler/pull/15758

- https://lists.apache.org/thread/nlmdp7q7l7o3l27778vxc5px24ncr5r5

- https://lists.apache.org/thread/qbhk9wqyxhrn4z7m4m343wqxpwg926nh

- https://www.cve.org/CVERecord?id=CVE-2023-49109

CVE-2024-42558 - Hotel Management System commit 91caab8 was discovered to contain a SQL injection vulnerability via the book_id parameter at admin_modify_room.php.

Product: Hotel Management System admin_modify_room

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42558

NVD References: https://gist.github.com/topsky979/9651b4977e86f5b1bcae7a8959ff3342

CVE-2024-42559 - Hotel Management System has a vulnerability in its login component that allows attackers to authenticate without a valid password.

Product: Hotel Management System commit 79d688

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42559

NVD References: https://gist.github.com/topsky979/99d2ebf7b5598ef227262ba1b2bb392f/edit

CVE-2024-42562 - Pharmacy Management System commit a2efc8 was discovered to contain a SQL injection vulnerability via the invoice_number parameter at preview.php.

Product: Pharmacy Management System commit a2efc8

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42562

NVD References: https://gist.github.com/topsky979/2dcca275bcc18e8058cefef714a2f61b

CVE-2024-42565 - ERP commit 44bd04 was discovered to contain a SQL injection vulnerability via the id parameter at /index.php/basedata/contact/delete?action=delete.

Product: ERP commit 44bd04

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42565

NVD References: https://gist.github.com/topsky979/648f2cd4f5e58560cbc9308d06e2f876

CVE-2024-42567, CVE-2024-42569, CVE-2024-42570, CVE-2024-42571, CVE-2024-42574, CVE-2024-4257 - School Management System commit bae5aa was discovered to contain SQL injection vulnerabilities

Product: School Management System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42567

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42569

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42570

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42571

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42574

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42575

NVD References: https://gist.github.com/topsky979/20a81dbf47d371e1dabe08f350c8185d

NVD References: https://gist.github.com/topsky979/1d9ebca101fc5e30040436d70e522102

NVD References: https://gist.github.com/topsky979/5c8e289fa66702fd3acbed558ee449dd

NVD References: https://gist.github.com/topsky979/7064f8bbd3977ee665a098efcd0170c0

NVD References: https://gist.github.com/topsky979/2fddc00b33b038cd778c1e4fb1936a15

CVE-2024-42581 - A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.

Product: Warehouse Inventory System v2.0

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42581

NVD References: https://gist.github.com/topsky979/2bd26343ccdff7c759f62d332c8caff6

CVE-2024-33872 - Keyfactor Command versions 10.5.x before 10.5.1 and 11.5.x before 11.5.1 are vulnerable to SQL Injection leading to code execution and privilege escalation.

Product: Keyfactor Command

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33872

NVD References: https://trust.keyfactor.com/?itemUid=d73921fd-bc9e-4e35-a974-cfb628e6a226&source=click

CVE-2024-30949 - Newlib v.4.3.0 allows an attacker to execute arbitrary code through a vulnerability in the _gettimeofday function.

Product: Newlib

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30949

NVD References:

- https://gist.github.com/visitorckw/6b26e599241ea80210ea136b28441661

- https://inbox.sourceware.org/newlib/20231129035714.469943-1-visitorckw%40gmail.com/

- https://sourceware.org/git/?p=newlib-cygwin.git%3Ba=commit%3Bh=5f15d7c5817b07a6b18cbab17342c95cb7b42be4

CVE-2024-43404 - MEGABOT prior to version 1.5.0 has a remote code execution vulnerability through the `/math` command in Discord.

Product: MEGABOT

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43404

NVD References:

- https://github.com/NicPWNs/MEGABOT/commit/71e79e5581ea36313700385b112d863053fb7ed6

- https://github.com/NicPWNs/MEGABOT/issues/137

- https://github.com/NicPWNs/MEGABOT/pull/138

- https://github.com/NicPWNs/MEGABOT/releases/tag/v1.5.0

- https://github.com/NicPWNs/MEGABOT/security/advisories/GHSA-vhxp-4hwq-w3p2

CVE-2024-27185 - The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors.

Product: Joomla! CMS versions 3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27185

NVD References: https://developer.joomla.org/security-centre/942-20240802-core-cache-poisoning-in-pagination.html

CVE-2024-38175 - Azure Managed Instance for Apache Cassandra has an improper access control vulnerability allowing an authenticated attacker to elevate privileges over a network.

Product: Microsoft Azure Managed Instance for Apache Cassandra

CVSS Score: 9.6

NVD:

Product: Nepstech NTPL-XPON1GFEVN

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42658

NVD References:

- https://github.com/sudo-subho/CVE-2024-42658

- https://www.linkedin.com/in/subhodeep-baroi-397629252/

- https://x.com/sudo_subho

Product: azzaroco Ultimate Membership ProActive Installations: 100+CVSS Score: 9.4NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43240NVD References: https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-privilege-escalation-vulnerability?_s_id=cveCVE-2024-43242 - Ultimate Membership Pro is vulnerable to deserialization of untrusted data which allows object injection, affecting versions from n/a through 12.6.Product: azzaroco Ultimate Membership ProActive Installations: 100+CVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43242NVD References: https://patchstack.com/database/vulnerability/indeed-membership-pro/wordpress-indeed-ultimate-membership-pro-plugin-12-6-unauthenticated-php-object-injection-vulnerability?_s_id=cveCVE-2024-43245 - Improper Privilege Management vulnerability in eyecix JobSearch allows Privilege Escalation.This issue affects JobSearch: from n/a through 2.3.4.Product: eyecix JobSearchActive Installations: unknownCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43245NVD References: https://patchstack.com/database/vulnerability/wp-jobsearch/wordpress-jobsearch-plugin-2-3-4-unauthenticated-account-takeover-vulnerability?_s_id=cveCVE-2024-43249 - Bit Form Pro allows Command Injection through an Unrestricted Upload of File with Dangerous Type vulnerability.Product: Bit Apps Bit Form ProActive Installations:CVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43249NVD References: https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cveCVE-2024-43252 - Deserialization of Untrusted Data vulnerability in Crew HRM allows Object Injection.This issue affects Crew HRM: from n/a through 1.1.1.Product: Crew HRMActive Installations: 80+CVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43252NVD References: https://patchstack.com/database/vulnerability/hr-management/wordpress-crew-hrm-plugin-1-1-1-php-object-injection-vulnerability?_s_id=cveCVE-2024-43261 - Compute Links by Hamed Naderfar is vulnerable to PHP Remote File Inclusion from versions n/a through 1.2.1.Product: Hamed Naderfar Compute LinksActive Installations: unknownCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43261NVD References: https://patchstack.com/database/vulnerability/compute-links/wordpress-compute-links-plugin-1-2-1-remote-file-inclusion-vulnerability?_s_id=cveCVE-2024-42813 - TRENDnet TEW-752DRU FW1.03B01 is vulnerable to a buffer overflow in gena.cgi, allowing attackers to crash the device or execute arbitrary commands.Product: TRENDnet TEW-752DRUCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42813NVD References: https://gist.github.com/XiaoCurry/204680035c1efffa27d14956820ad928CVE-2024-43311 - Geek Code Lab Login As Users allows Privilege Escalation due to Improper Privilege Management from n/a through 1.4.2.Product: Geek Code Lab Login As UsersActive Installations: 300+CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43311NVD References: https://patchstack.com/database/vulnerability/login-as-users/wordpress-login-as-users-plugin-1-4-2-broken-authentication-vulnerability?_s_id=cveCVE-2024-43354 - Deserialization of Untrusted Data vulnerability in myCred allows Object Injection.This issue affects myCred: from n/a through 2.7.2.Product: myCredActive Installations: 10,000+CVSS Score: 9.8 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43354NVD References: https://patchstack.com/database/vulnerability/mycred/wordpress-mycred-plugin-2-7-2-php-object-injection-vulnerability?_s_id=cveCVE-2024-5932 - The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection via deserialization of untrusted input, allowing attackers to execute remote code and delete files.Product: GiveWP Donation PluginActive Installations: 100,000+CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5932NVD References: - https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/login-register.php#L235- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/process-donation.php#L420- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/src/DonorDashboards/Tabs/EditProfileTab/AvatarRoute.php#L51- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/tecnickcom/tcpdf/tcpdf.php#L7861- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/vendor-prefixed/fakerphp/faker/src/Faker/ValidGenerator.php#L80- https://plugins.trac.wordpress.org/changeset/3132247/- https://www.wordfence.com/blog/2024/08/4998-bounty-awarded-and-100000-wordpress-sites-protected-against-unauthenticated-remote-code-execution-vulnerability-patched-in-givewp-wordpress-plugin/- https://www.wordfence.com/threat-intel/vulnerabilities/id/93e2d007-8157-42c5-92ad-704dc80749a3?source=cveCVE-2024-7777 - The Contact …

Product: eyecix JobSearch

Active Installations: unknown

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43245

NVD References: https://patchstack.com/database/vulnerability/wp-jobsearch/wordpress-jobsearch-plugin-2-3-4-unauthenticated-account-takeover-vulnerability?_s_id=cve

Product: Bit Apps Bit Form Pro

Active Installations:

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43249

NVD References: https://patchstack.com/database/vulnerability/bitformpro/wordpress-bit-form-pro-plugin-2-6-4-authenticated-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Crew HRM

Active Installations: 80+

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43252

NVD References: https://patchstack.com/database/vulnerability/hr-management/wordpress-crew-hrm-plugin-1-1-1-php-object-injection-vulnerability?_s_id=cve

Product: Hamed Naderfar Compute Links

Active Installations: unknown

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43261

NVD References: https://patchstack.com/database/vulnerability/compute-links/wordpress-compute-links-plugin-1-2-1-remote-file-inclusion-vulnerability?_s_id=cve

Product: TRENDnet TEW-752DRU

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42813

NVD References: https://gist.github.com/XiaoCurry/204680035c1efffa27d14956820ad928

Product: Geek Code Lab Login As Users

Active Installations: 300+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43311

NVD References: https://patchstack.com/database/vulnerability/login-as-users/wordpress-login-as-users-plugin-1-4-2-broken-authentication-vulnerability?_s_id=cve

Product: myCred

Active Installations: 10,000+

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43354

NVD References: https://patchstack.com/database/vulnerability/mycred/wordpress-mycred-plugin-2-7-2-php-object-injection-vulnerability?_s_id=cve

Product: GiveWP Donation Plugin

Active Installations: 100,000+

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-5932

NVD References:

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/login-register.php#L235

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/includes/process-donation.php#L420

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/src/DonorDashboards/Tabs/EditProfileTab/AvatarRoute.php#L51

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/tecnickcom/tcpdf/tcpdf.php#L7861

- https://plugins.trac.wordpress.org/browser/give/tags/3.12.0/vendor/vendor-prefixed/fakerphp/faker/src/Faker/ValidGenerator.php#L80

- https://plugins.trac.wordpress.org/changeset/3132247/

- https://www.wordfence.com/blog/2024/08/4998-bounty-awarded-and-100000-wordpress-sites-protected-against-unauthenticated-remote-code-execution-vulnerability-patched-in-givewp-wordpress-plugin/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/93e2d007-8157-42c5-92ad-704dc80749a3?source=cve

Product: Bit Form The Contact Form

Active Installations: 6,000+

CVSS Score: 9.0 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-7777

NVD References:

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L829

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L852

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L875

- https://plugins.trac.wordpress.org/browser/bit-form/tags/2.13.3/includes/Admin/AdminAjax.php#L898

- https://www.wordfence.com/threat-intel/vulnerabilities/id/4deb128d-0163-4a8e-9591-87352f74c3ef?source=cve

Product: ChatGPT Chatbot

Active Installations: 30+

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-6847

NVD References: https://wpscan.com/vulnerability/baa860bb-3b7d-438a-ad54-92bf8e21e851/

Product: Apache DolphinScheduler

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43202

NVD References:

- https://github.com/apache/dolphinscheduler/pull/15758

- https://lists.apache.org/thread/nlmdp7q7l7o3l27778vxc5px24ncr5r5

- https://lists.apache.org/thread/qbhk9wqyxhrn4z7m4m343wqxpwg926nh

- https://www.cve.org/CVERecord?id=CVE-2023-49109

Product: Hotel Management System admin_modify_room

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42558

NVD References: https://gist.github.com/topsky979/9651b4977e86f5b1bcae7a8959ff3342

Product: Hotel Management System commit 79d688

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42559

NVD References: https://gist.github.com/topsky979/99d2ebf7b5598ef227262ba1b2bb392f/edit

Product: Pharmacy Management System commit a2efc8

CVSS Score: 9.8 AtRiskScore 30

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42562

NVD References: https://gist.github.com/topsky979/2dcca275bcc18e8058cefef714a2f61b

Product: ERP commit 44bd04

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42565

NVD References: https://gist.github.com/topsky979/648f2cd4f5e58560cbc9308d06e2f876

Product: School Management System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42567

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42569

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42570

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42571

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42574

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42575

NVD References: https://gist.github.com/topsky979/20a81dbf47d371e1dabe08f350c8185d

NVD References: https://gist.github.com/topsky979/1d9ebca101fc5e30040436d70e522102

NVD References: https://gist.github.com/topsky979/5c8e289fa66702fd3acbed558ee449dd

NVD References: https://gist.github.com/topsky979/7064f8bbd3977ee665a098efcd0170c0

NVD References: https://gist.github.com/topsky979/2fddc00b33b038cd778c1e4fb1936a15

Product: Warehouse Inventory System v2.0

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-42581

NVD References: https://gist.github.com/topsky979/2bd26343ccdff7c759f62d332c8caff6

Product: Keyfactor Command

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-33872

NVD References: https://trust.keyfactor.com/?itemUid=d73921fd-bc9e-4e35-a974-cfb628e6a226&source=click

Product: Newlib

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30949

NVD References:

- https://gist.github.com/visitorckw/6b26e599241ea80210ea136b28441661

- https://inbox.sourceware.org/newlib/20231129035714.469943-1-visitorckw%40gmail.com/

- https://sourceware.org/git/?p=newlib-cygwin.git%3Ba=commit%3Bh=5f15d7c5817b07a6b18cbab17342c95cb7b42be4

Product: MEGABOT

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-43404

NVD References:

- https://github.com/NicPWNs/MEGABOT/commit/71e79e5581ea36313700385b112d863053fb7ed6

- https://github.com/NicPWNs/MEGABOT/issues/137

- https://github.com/NicPWNs/MEGABOT/pull/138

- https://github.com/NicPWNs/MEGABOT/releases/tag/v1.5.0

- https://github.com/NicPWNs/MEGABOT/security/advisories/GHSA-vhxp-4hwq-w3p2

Product: Joomla! CMS versions 3.0.0-3.10.16-elts, 4.0.0-4.4.6, 5.0.0-5.1.2

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27185

NVD References: https://developer.joomla.org/security-centre/942-20240802-core-cache-poisoning-in-pagination.html

Product: Microsoft Azure Managed Instance for Apache CassandraCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-38175NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38175…