Latest Vulnerabilities Updates: AppSecWorld's CVE Daily Digest for May 20-21, 2024

In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database (NVD) between May 20 and 21, 2024.
During this period, the NVD published 124 new Common Vulnerabilities and Exposures (CVEs), classified by severity as follows:

Critical: 2
High: 20
Medium: 18
Low: 3
Severity Not Assigned: 81

Identifying and understanding these vulnerabilities is a pivotal step towards strengthening security measures and creating a safer digital environment.
Now, let's delve into the digest itself, spotlighting the Critical and High severity vulnerabilities that demand immediate attention.

1. CVE-2024-5116
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, has been found in SourceCodester Online Examination System 1.0. Affected by this issue is some unknown functionality of the file save.php. The manipulation of the argument vote leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-265196.
References: https://github.com/polaris0x1/CVE/issues/3
https://vuldb.com/?ctiid.265196
https://vuldb.com/?id.265196
https://vuldb.com/?submit.338578

CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found

2. CVE-2024-5117
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, was found in SourceCodester Event Registration System 1.0. This affects an unknown part of the file portal.php. The manipulation of the argument username/password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265197 was assigned to this vulnerability.
References: https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%201.md
https://vuldb.com/?ctiid.265197
https://vuldb.com/?id.265197

CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found

3. CVE-2024-5118
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability has been found in SourceCodester Event Registration System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-265198 is the identifier assigned to this vulnerability.
References: https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%201.md
https://vuldb.com/?ctiid.265198
https://vuldb.com/?id.265198
https://vuldb.com/?submit.338612

CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found

4. CVE-2024-5122
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Event Registration System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registrar/. The manipulation of the argument search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-265202 is the identifier assigned to this vulnerability.
References: https://github.com/BurakSevben/CVEs/blob/main/Event%20Registration%20System/Event%20Registration%20System%20-%20SQL%20Injection%20-%204.md
https://vuldb.com/?ctiid.265202
https://vuldb.com/?id.265202
https://vuldb.com/?submit.338615

CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found

5. CVE-2024-1968
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme (e.g., HTTPS to HTTP) but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in cross-origin requests when the scheme, host, or port changes. Consequently, when a redirect downgrades from HTTPS to HTTP, the Authorization header may be inadvertently exposed in plaintext, leading to potential sensitive information disclosure to unauthorized actors. The flaw is located in the _build_redirect_request function of the redirect middleware.
References: https://github.com/scrapy/scrapy/commit/1d0502f25bbe55a22899af915623fda1aaeb9dd8
https://huntr.com/bounties/27f6a021-a891-446a-ada5-0226d619dd1a

CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
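
The rule that entry 5 says Scrapy failed to apply is the Fetch standard's: a redirect target is same-origin only when scheme, host and port all match. The following Python code is an added illustration of that rule, not Scrapy's redirect middleware or the code in the referenced commit, which may differ in detail. It keeps a host-only variant beside the correct rule to show why a same-host HTTPS-to-HTTP hop is the case that leaks the header. The URLs and header values are constructed for the demo.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Header names that carry credentials and must not survive a cross-origin redirect.
CREDENTIAL_HEADERS = {"authorization"}


def origin(url):
    """Return (scheme, host, port) in the sense of the Fetch standard's origin.

    A missing port is filled in with the scheme default so that
    https://example.com and https://example.com:443 compare equal.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return (scheme, host, port)


def is_cross_origin(request_url, redirect_url):
    """True when any of scheme, host or port differs between the two URLs."""
    return origin(request_url) != origin(redirect_url)


def headers_for_redirect(request_url, redirect_url, headers):
    """Build the header set for the request that follows a redirect.

    Credential headers are copied only when scheme, host and port are all
    unchanged. Header-name comparison is case-insensitive.
    """
    cross = is_cross_origin(request_url, redirect_url)
    kept = {}
    for name, value in headers.items():
        if cross and name.lower() in CREDENTIAL_HEADERS:
            continue
        kept[name] = value
    return kept


def headers_for_redirect_host_only(request_url, redirect_url, headers):
    """The weaker rule the CVE describes: strip credentials only when the host changes.

    Under this rule an https -> http hop on the same host keeps the
    Authorization header and sends it in cleartext.
    """
    same_host = urlsplit(request_url).hostname == urlsplit(redirect_url).hostname
    if same_host:
        return dict(headers)
    return {n: v for n, v in headers.items() if n.lower() not in CREDENTIAL_HEADERS}


if __name__ == "__main__":
    # Constructed request: an authenticated fetch that gets downgraded to HTTP.
    h = {"Authorization": "Bearer demo-token", "User-Agent": "demo"}
    src, dst = "https://example.com/login", "http://example.com/login"
    print("host-only rule:", headers_for_redirect_host_only(src, dst, h))
    print("origin rule:   ", headers_for_redirect(src, dst, h))
```

When auditing a client library, the test that matters is the same-host, scheme-changed case: nearly every implementation already strips credentials on a host change, and it is the downgrade on the same host that an on-path attacker can trigger with a single 301.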

6. CVE-2024-3761
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.2
Description: In lunary-ai/lunary version 1.2.2, the DELETE endpoint located at `packages/backend/src/api/v1/datasets` is vulnerable to unauthorized dataset deletion due to missing authorization and authentication mechanisms. This vulnerability allows any user, even those without a valid token, to delete a dataset by sending a DELETE request to the endpoint. The issue was fixed in version 1.2.8. The impact of this vulnerability is significant as it permits unauthorized users to delete datasets, potentially leading to data loss or disruption of service.
References: https://github.com/lunary-ai/lunary/commit/14078c1d2b8766075bf655f187ece24c7a787776
https://huntr.com/bounties/e95fb0a0-e54a-4da8-a33d-ba858d0cec55

CWE-ID: CWE-862
Common Platform Enumerations (CPE): Not Found

7. CVE-2024-5135
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-265211.
References: https://github.com/BurakSevben/CVEs/blob/main/Directory%20Management%20System/Directory%20Management%20System%20-%20SQL%20Injection%20-%201.md
https://vuldb.com/?ctiid.265211
https://vuldb.com/?id.265211
https://vuldb.com/?submit.339121

CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
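
Entries 1 through 4 and 7 are the same defect: a request parameter (vote, username/password, search) spliced into SQL text. The following Python script, added here as an illustration and not code from SourceCodester or PHPGurukul, shows why a login check built by string concatenation accepts a comment payload or a tautology while the same check with bound parameters does not. The table, the account and the payloads are all constructed for the demo; it uses only the standard-library sqlite3 module.

```python
import sqlite3


def make_demo_db():
    """Build a constructed in-memory database with a single account.

    The table layout is assumed for illustration; it is not the
    SourceCodester schema. The plaintext password column only keeps the
    example short; real applications store a password hash.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute("INSERT INTO users (username, password) VALUES ('admin', 'S3cret!')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Login check built by string concatenation (the CWE-89 pattern).

    Whatever arrives in the request parameters becomes part of the SQL
    text, so quote characters in the input rewrite the WHERE clause.
    """
    sql = (
        "SELECT id FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchone() is not None


def login_parameterized(conn, username, password):
    """Same check with bound parameters.

    The statement text is fixed; the driver passes the values separately,
    so a quote in the input is just a quote inside a string value.
    """
    row = conn.execute(
        "SELECT id FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def demo():
    """Run both versions against legitimate credentials and two injection payloads.

    Returns (username, password, vulnerable_result, parameterized_result) tuples.
    """
    conn = make_demo_db()
    payloads = [
        ("admin", "S3cret!"),        # legitimate credentials
        ("admin' --", "anything"),   # comments out the password comparison
        ("nobody", "' OR '1'='1"),   # tautology makes the WHERE clause true
    ]
    return [
        (u, p, login_vulnerable(conn, u, p), login_parameterized(conn, u, p))
        for u, p in payloads
    ]


if __name__ == "__main__":
    for username, password, vuln, safe in demo():
        print(f"{username!r:14} {password!r:14} vulnerable={vuln} parameterized={safe}")
```

Parameterization is the fix; validating or escaping single quotes is not a substitute, because the escaping rules depend on the database and on the context in which the value lands (string literal, numeric, LIKE pattern, identifier).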

8. CVE-2024-4323
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A memory corruption vulnerability in Fluent Bit versions 2.0.7 through 3.0.3. This issue lies in the embedded HTTP server's parsing of trace requests and may result in denial of service conditions, information disclosure, or remote code execution.
References: https://github.com/fluent/fluent-bit/commit/9311b43a258352797af40749ab31a63c32acfd04
https://tenable.com/security/research/tra-2024-17

CWE-ID: CWE-122
Common Platform Enumerations (CPE): Not Found

9. CVE-2023-49330
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while getting aggregate report data.
References: https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

10. CVE-2024-27312
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.2
Description: Zoho ManageEngine PAM360 version 6601 is vulnerable to an authorization bypass which allows a low-privileged user to perform admin actions.
Note: This vulnerability affects only the PAM360 6600 version. No other versions are applicable to this vulnerability.
References: https://www.manageengine.com/privileged-access-management/advisory/cve-2024-27312.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

11. CVE-2024-4287
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.2
Description: In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to `/api/workspace/:workspace-slug/update`, allowing it to be executed as part of a database query without restrictions. This flaw enables users with a manager role to craft a request that includes nested write operations, effectively allowing them to create new Administrator accounts.
References: https://github.com/mintplex-labs/anything-llm/commit/94b58249a37a21b1c08deaa2d1edfdecbb6deb18
https://huntr.com/bounties/34491fb7-5133-4e80-8782-74124350bbdb

CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found
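
Entry 11 describes an update handler that passes the client's JSON straight into the ORM query, so a relation key carrying a nested create runs as part of the workspace update. The usual fix is an allowlist of scalar fields applied before the body reaches the database layer. The Python below is an added illustration of that allowlist, not anything-llm's code; the field names and types and the two request bodies are assumed for the demo.

```python
import json

# Assumed allowlist of workspace fields a manager may change, with the JSON
# type each must have. The real anything-llm field set is not reproduced here.
WORKSPACE_FIELDS = {
    "name": str,
    "openAiPrompt": str,
    "openAiTemp": (int, float),
}


class InvalidUpdate(ValueError):
    """Raised when the body contains anything outside the allowlist."""


def sanitize_workspace_update(raw_body):
    """Parse an update body and return only allowlisted scalar fields.

    Every key must be in WORKSPACE_FIELDS and every value must be a scalar
    of the declared type. Objects and arrays are rejected outright, which is
    what stops a nested write (a relation key carrying its own create or
    connect object) from ever reaching the ORM.
    """
    data = json.loads(raw_body)
    if not isinstance(data, dict):
        raise InvalidUpdate("body must be a JSON object")
    clean = {}
    for key, value in data.items():
        expected = WORKSPACE_FIELDS.get(key)
        if expected is None:
            raise InvalidUpdate(f"field not updatable: {key}")
        # bool is a subclass of int in Python, so reject it before the type test
        if isinstance(value, (dict, list, bool)) or not isinstance(value, expected):
            raise InvalidUpdate(f"bad type for {key}: {type(value).__name__}")
        clean[key] = value
    return clean


def is_safe_update(raw_body):
    """Convenience predicate: True when the body survives sanitization."""
    try:
        sanitize_workspace_update(raw_body)
        return True
    except (InvalidUpdate, json.JSONDecodeError):
        return False


# Constructed request bodies. The second has the shape the advisory describes:
# a relation key carrying a nested create, which an unfiltered ORM update
# would execute alongside the workspace change.
BENIGN = '{"name": "Team wiki", "openAiTemp": 0.7}'
NESTED_WRITE = (
    '{"name": "Team wiki", '
    '"users": {"create": {"username": "intruder", "role": "admin"}}}'
)

if __name__ == "__main__":
    print("benign:      ", sanitize_workspace_update(BENIGN))
    print("nested write:", "rejected" if not is_safe_update(NESTED_WRITE) else "accepted")
```

Rejecting the whole body, rather than silently dropping unknown keys, surfaces tampering attempts in application logs. The allowlist belongs in front of every role that can reach the endpoint: the manager role here already has legitimate write access, and the flaw is only about what that write is permitted to touch.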

12. CVE-2024-2835
Base Score: 8.7
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 5.8
Description: A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.
References: https://portal.microfocus.com/s/article/KM000029773

CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found

13. CVE-2024-3482
Base Score: 8.7
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 5.8
Description: A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Enterprise Security Manager and ArcSight Platform. The vulnerability could be remotely exploited.
References: https://portal.microfocus.com/s/article/KM000029773

CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found

14. CVE-2024-4151
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: An Improper Access Control vulnerability exists in lunary-ai/lunary version 1.2.2, where users can view and update any prompts in any projects due to insufficient access control checks in the handling of PATCH and GET requests for template versions. This vulnerability allows unauthorized users to manipulate or access sensitive project data, potentially leading to data integrity and confidentiality issues.
References: https://huntr.com/bounties/4acfef85-dedf-43bd-8438-0d8aaa4ffa01

CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
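
Entries 6 and 14 are both missing checks in the same product: the first handler never authenticates, the second authenticates but never compares the resource's project to the caller's. The Python below is an added illustration of the two checks a multi-tenant API handler needs, written against a constructed in-memory store; it is not lunary's code, and the token, project, dataset and template identifiers are invented for the demo.

```python
class Store:
    """Constructed in-memory state: API tokens mapped to a project, plus the
    datasets and prompt templates each project owns. Illustrative only."""

    def __init__(self):
        self.tokens = {"tok-a": "project-a", "tok-b": "project-b"}
        self.datasets = {"ds-1": "project-a", "ds-2": "project-b"}
        self.templates = {"tpl-7": {"project": "project-a", "body": "v1"}}


def delete_dataset_unchecked(store, dataset_id, headers):
    """Handler shape behind CWE-862: acts on the path parameter alone.

    No token is read, so an anonymous request deletes any dataset.
    Returns the HTTP status the handler would send.
    """
    store.datasets.pop(dataset_id, None)
    return 200


def authenticate(store, headers):
    """Resolve the bearer token to a project id, or None when absent or unknown."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return None
    return store.tokens.get(auth[len("Bearer "):])


def delete_dataset(store, dataset_id, headers):
    """Authenticate, then authorize against the owning project."""
    project = authenticate(store, headers)
    if project is None:
        return 401
    # 404 for both "does not exist" and "belongs to another project", so a
    # caller cannot probe for dataset ids outside its own project.
    if store.datasets.get(dataset_id) != project:
        return 404
    del store.datasets[dataset_id]
    return 204


def update_template(store, template_id, headers, new_body):
    """Same project-scope check applied to a PATCH on a template version."""
    project = authenticate(store, headers)
    if project is None:
        return 401
    tpl = store.templates.get(template_id)
    if tpl is None or tpl["project"] != project:
        return 404
    tpl["body"] = new_body
    return 200


if __name__ == "__main__":
    s = Store()
    print("anonymous delete, unchecked handler:", delete_dataset_unchecked(s, "ds-1", {}))
    s = Store()
    print("anonymous delete, checked handler:  ", delete_dataset(s, "ds-1", {}))
    print("other project's token:              ",
          delete_dataset(s, "ds-1", {"Authorization": "Bearer tok-b"}))
    print("owning project's token:             ",
          delete_dataset(s, "ds-1", {"Authorization": "Bearer tok-a"}))
```

Answering 404 rather than 403 for a resource in another project keeps the id space unenumerable; whichever code is chosen, the ownership check must run on every verb (GET, PATCH, DELETE), not only on the mutating ones, since entry 14 is as much about reading other projects' prompts as about changing them.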

15. CVE-2024-0401
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability. An authenticated and remote attacker can execute arbitrary operating system commands by uploading a crafted OVPN profile. Known affected routers include ASUS ExpertWiFi, ASUS RT-AX55, ASUS RT-AX58U, ASUS RT-AC67U, ASUS RT-AC68R, ASUS RT-AC68U, ASUS RT-AX86, ASUS RT-AC86U, ASUS RT-AX88U, and ASUS RT-AX3000.
References: https://vulncheck.com/advisories/asus-ovpn-rce

CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found

16. CVE-2023-49331
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the aggregate reports search option.
References: https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

17. CVE-2023-49332
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while adding file shares.
References: https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

18. CVE-2023-49333
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection in the dashboard graph feature.
References: https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

19. CVE-2023-49334
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL Injection while exporting a full summary report.
References: https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

20. CVE-2023-49335
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: Zoho ManageEngine ADAudit Plus versions below 7271 allows SQL injection while getting file server details.
References: https://www.manageengine.com/products/active-directory-audit/sqlfix-7271.html

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

21. CVE-2024-29000
Base Score: 7.9
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 6.0
Description: The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction are required to exploit this vulnerability.
References: https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2024-1-1_release_notes.htm
https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-29000

CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found

22. CVE-2024-34710
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.2
Description: Wiki.js is a wiki app built on Node.js. Client-side template injection was discovered that could allow an attacker to inject malicious JavaScript into the content section of pages, which would execute once a victim loads the page containing the payload. This was possible through the injection of an invalid HTML tag with a template injection payload on the next line. This vulnerability is fixed in 2.5.303.
References: https://github.com/requarks/wiki/commit/1238d614e1599fefadd4614ee4b5797a087f50ac
https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf

CWE-ID: CWE-1336
Common Platform Enumerations (CPE): Not Found
