Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2024-29640 — An issue in aliyundrive-webdav v.2.3.3 and before allows a remote attacker to execute arbitrary
An issue in aliyundrive-webdav v.2.3.3 and before allows a remote attacker to execute arbitrary code via a crafted payload to the sid parameter in the action_query_qrcode component. CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2024-30488 — Katieseaborn Zotpress: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Katie Zotpress zotpress.This issue affects Zotpress: from n/a through <= 7.3.7. CVSSv3.1 8.5 (HIGH)
CVE-2023-6191 — Webpdks Webpdks: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egehan Security WebPDKS allows SQL Injection. This issue affects WebPDKS: through 20240329. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 30th percentile
CVE-2024-2411 — Stylemixthemes Masterstudy_lms: The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all
The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'modal' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and inclu CVSSv3.1 9.8 (CRITICAL) · EPSS 87th percentile
CVE-2024-2409 — Stylemixthemes Masterstudy_lms: The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions
The MasterStudy LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.3.1. This is due to insufficient validation checks within the _register_user() function called by the 'wp_ajax_nopriv_stm_lms_register' AJAX action. This makes it possible for unauthenticated attackers to register a user with administrator-level privileges when MasterStudy LMS Pro is installed and the LMS Forms Editor add-on is enabled. CVSSv3.1 9.8 (CRITICAL) · EPSS 48th percentile
CVE-2024-1872 — Button: The Button plugin for WordPress is vulnerable to PHP Object Injection in all versions
The Button plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1.27 via deserialization of untrusted input in the button_shortcode function. This makes it possible for authenticated attackers, with contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker CVSSv3.1 8.8 (HIGH) · EPSS 79th percentile
CVE-2024-28960 — Arm Mbed_crypto: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory. CVSSv3.1 8.2 (HIGH) · EPSS 35th percentile
CVE-2024-28714 — Crmeb Crmeb_java: SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary
SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter. CVSSv3.1 8.1 (HIGH) · EPSS 53th percentile
CVE-2024-28713 — Mtons Mblog: An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code
An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature. CVSSv3.1 9.8 (CRITICAL) · EPSS 72th percentile
CVE-2023-6437 — Neutralization: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TP-Link TP-Link EX20v AX1800, Tp-Link Archer C5v AC1200, Tp-Link TD-W9970, Tp-Link TD-W9970v3, TP-Link VX220-G2u, TP-Link VN020-G2u allows authenticated OS Command Injection. This issue affects TP-Link EX20v AX1800, Tp-Link Archer C5v AC1200, Tp-Link TD-W9970, Tp-Link TD-W9970v3 : through 20240328. Also the vulnerability continues in the TP-Link VX220-G2u and TP-Link CVSSv3.1 9.8 (CRITICAL)
CVE-2024-30244 — Church_admin_project Church_admin: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.27. CVSSv3.1 8.5 (HIGH)
CVE-2024-30236 — Contest-gallery Contest_gallery: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.4. CVSSv3.1 8.5 (HIGH)
CVE-2024-30229 — Givewp Givewp: Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a
Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.4.2. CVSSv3.1 8.0 (HIGH)
CVE-2024-1770 — Meta: The Meta Tag Manager plugin for WordPress is vulnerable to PHP Object Injection in
The Meta Tag Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.2 via deserialization of untrusted input in the get_post_data function. This makes it possible for authenticated attackers, with contributor access or higher, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to de CVSSv3.1 8.8 (HIGH) · EPSS 75th percentile
Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu
CVE-2024-0582 is a use-after-free vulnerability in Linux kernel io_uring's provided buffer ring functionality that allows unprivileged users to gain root access via a data-only exploit. The vulnerability existed in kernels 6.4–6.6.4 and was patched in stable 6.6.5 (December 2023), but Ubuntu didn't backport the fix until February 2024, creating a two-month 0day window. The exploit leverages freed page access to modify kernel data structures without code execution, bypassing CFI mitigations.
CVE-2024-30238 — Contest-gallery Contest_gallery: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.2. CVSSv3.1 8.5 (HIGH)
CVE-2023-6153 — Authentication: Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows Authentication Bypass.
Authentication Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows Authentication Bypass. This issue affects TeoBASE: through 20240327. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL)
CVE-2023-6173 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeoSOFT Software TeoBASE allows SQL Injection. This issue affects TeoBASE: through 27032024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. CVSSv3.1 9.8 (CRITICAL) · EPSS 36th percentile
CVE-2023-51148 — Trendnet Tew-821dap_firmware: An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP
An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component. CVSSv3.1 8.0 (HIGH) · EPSS 41th percentile
CVE-2024-0866 — Check: The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection
The Check & Log Email plugin for WordPress is vulnerable to Unauthenticated Hook Injection in all versions up to, and including, 1.0.9 via the check_nonce function. This makes it possible for unauthenticated attackers to execute actions with hooks in WordPress under certain circumstances. The action the attacker wishes to execute needs to have a nonce check, and the nonce needs to be known to the attacker. Furthermore, the absence of a capability check is a requirement. CVSSv3.1 8.1 (HIGH) · EPSS 81th percentile
CVE-2024-2865 — Neutralization: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection. This issue affects Quality Management System: through 25032024. CVSSv3.1 9.8 (CRITICAL) · EPSS 22th percentile
CVE-2024-28386 — Home-made Fastmag_sync: An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute
An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin() component. CVSSv3.1 9.8 (CRITICAL) · EPSS 70th percentile
CVE-2024-2025 — WooCommerce: Create WooCommerce Member Pages" plugin for WordPress is vulnerable to PHP Object Injection in
The "BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages" plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.4.20 via deserialization of untrusted input in the get_simple_request function. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject a PHP Object. If a POP chain is present via an additional plugin or theme installed on the target system, it could CVSSv3.1 8.8 (HIGH) · EPSS 75th percentile
CVE-2024-29859 — Misp-project Misp: In MISP before 2.4.187, add_misp_export in app/Controller/EventsController.php does not properly check for a valid
In MISP before 2.4.187, add_misp_export in app/Controller/EventsController.php does not properly check for a valid file upload. CVSSv3.1 9.8 (CRITICAL) · EPSS 52th percentile
CVE-2024-29858 — Misp-project Misp: In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid
In MISP before 2.4.187, __uploadLogo in app/Controller/OrganisationsController.php does not properly check for a valid logo upload. CVSSv3.1 9.8 (CRITICAL) · EPSS 30th percentile