Update Mon Dec 30 12:14:46 UTC 2024

2020/CVE-2020-28641.md

@@ -0,0 +1,17 @@
+### [CVE-2020-28641](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28641)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.
+
+### POC
+
+#### Reference
+- https://support.malwarebytes.com/hc/en-us/articles/1500000403501-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-Endpoint-Protection
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-50231.md

@@ -0,0 +1,17 @@
+### [CVE-2023-50231](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50231)
+![](https://img.shields.io/static/v1?label=Product&message=ProSAFE%20Network%20Management%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.7.0.26%20x64%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%3A%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
+
+### Description
+
+NETGEAR ProSAFE Network Management System saveNodeLabel Cross-Site Scripting Privilege Escalation Vulnerability. This vulnerability allows remote attackers to escalate privileges on affected installations of NETGEAR ProSAFE Network Management System. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the saveNodeLabel method. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the user. Was ZDI-CAN-21838.
+
+### POC
+
+#### Reference
+- https://kb.netgear.com/000065901/Security-Advisory-for-Stored-Cross-Site-Scripting-on-the-NMS300-PSV-2023-0106
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-6275.md

@@ -10,7 +10,7 @@ A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It ha
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://vuldb.com/?id.246104
 
 #### Github
 - https://github.com/20142995/nuclei-templates

2023/CVE-2023-6473.md

@@ -0,0 +1,17 @@
+### [CVE-2023-6473](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6473)
+![](https://img.shields.io/static/v1?label=Product&message=Online%20Quiz%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as problematic, was found in SourceCodester Online Quiz System 1.0. This affects an unknown part of the file take-quiz.php. The manipulation of the argument quiz_taker/year_section leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246639.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.246639
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-6609.md

@@ -0,0 +1,17 @@
+### [CVE-2023-6609](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6609)
+![](https://img.shields.io/static/v1?label=Product&message=osCommerce&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%204%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+A vulnerability was found in osCommerce 4. It has been classified as problematic. This affects an unknown part of the file /b2b-supermarket/catalog/all-products. The manipulation of the argument keywords with the input %27%22%3E%3Cimg%2Fsrc%3D1+onerror%3Dalert%28document.cookie%29%3E leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-247245 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.247245
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-25411.md

@@ -10,7 +10,7 @@ A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/paragbagul111/CVE-2024-25411
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2024/CVE-2024-25412.md

@@ -10,7 +10,7 @@ A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/paragbagul111/CVE-2024-25412
 
 #### Github
 - https://github.com/20142995/nuclei-templates

2024/CVE-2024-25431.md

@@ -10,7 +10,7 @@ An issue in bytecodealliance wasm-micro-runtime before v.b3f728c and fixed in co
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/bytecodealliance/wasm-micro-runtime/issues/3122
 
 #### Github
 - https://github.com/haruki3hhh/fuzzing

2024/CVE-2024-36062.md

@@ -10,7 +10,7 @@ The com.callassistant.android (aka AI Call Assistant & Screener) application 1.1
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/actuator/com.callassistant.android/blob/main/CVE-2024-36062
 
 #### Github
 - https://github.com/actuator/cve

2024/CVE-2024-36537.md

@@ -0,0 +1,17 @@
+### [CVE-2024-36537](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36537)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Insecure permissions in cert-manager v1.14.4 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
+
+### POC
+
+#### Reference
+- https://gist.github.com/HouqiyuA/27879a6366a65fcd5f6c6fcbcf68d8e3
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-36541.md

@@ -0,0 +1,17 @@
+### [CVE-2024-36541](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36541)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
+
+### POC
+
+#### Reference
+- https://gist.github.com/HouqiyuA/f972d1c152f3b8127af01206f7c2af0d
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-36626.md

@@ -0,0 +1,17 @@
+### [CVE-2024-36626](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36626)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+In prestashop 8.1.4, a NULL pointer dereference was identified in the math_round function within Tools.php.
+
+### POC
+
+#### Reference
+- https://gist.github.com/1047524396/25c45b61a6374e0fdaf720c9863c6bcd
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-36694.md

@@ -10,6 +10,7 @@ OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the
 ### POC
 
 #### Reference
+- https://github.com/A3h1nt/CVEs/blob/main/OpenCart/Readme.md
 - https://medium.com/@pawarit.sanguanpang/opencart-v4-0-2-3-server-side-template-injection-0b173a3bdcf9
 
 #### Github

2024/CVE-2024-52726.md

@@ -10,7 +10,7 @@ CRMEB v5.4.0 is vulnerable to Arbitrary file read in the save_basics function wh
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/sec-Kode/cve3/blob/main/cve3.md
 
 #### Github
 - https://github.com/wy876/POC

2024/CVE-2024-54907.md

@@ -0,0 +1,17 @@
+### [CVE-2024-54907](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54907)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Remote Code Execution in /bin/boa via formWsc.
+
+### POC
+
+#### Reference
+- https://github.com/MnrikSrins/totolink_A3002R_RCE
+
+#### Github
+No PoCs found on GitHub currently.
+

references.txt

@@ -73626,6 +73626,7 @@ CVE-2020-28634 - https://talosintelligence.com/vulnerability_reports/TALOS-2020-
 CVE-2020-28635 - https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
 CVE-2020-28636 - https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225
 CVE-2020-2864 - https://www.oracle.com/security-alerts/cpuapr2020.html
+CVE-2020-28641 - https://support.malwarebytes.com/hc/en-us/articles/1500000403501-Arbitrary-file-deletion-vulnerability-fixed-in-Malwarebytes-Endpoint-Protection
 CVE-2020-28647 - https://labs.secforce.com/posts/progress-moveit-transfer-2020.1-stored-xss-cve-2020-28647/
 CVE-2020-28648 - http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html
 CVE-2020-28648 - https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/
@@ -100745,6 +100746,7 @@ CVE-2023-50164 - http://packetstormsecurity.com/files/176157/Struts-S2-066-File-
 CVE-2023-50172 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1897
 CVE-2023-5019 - https://github.com/ggg48966/cve/blob/main/sql.md
 CVE-2023-5023 - https://github.com/RCEraser/cve/blob/main/sql_inject_3.md
+CVE-2023-50231 - https://kb.netgear.com/000065901/Security-Advisory-for-Stored-Cross-Site-Scripting-on-the-NMS300-PSV-2023-0106
 CVE-2023-50239 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1893
 CVE-2023-5024 - https://youtu.be/evdhcUlD1EQ
 CVE-2023-50240 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1893
@@ -101374,6 +101376,7 @@ CVE-2023-6271 - https://wpscan.com/vulnerability/7ac217db-f332-404b-a265-6dc86fe
 CVE-2023-6272 - https://wpscan.com/vulnerability/a03243ea-fee7-46e4-8037-a228afc5297a
 CVE-2023-6274 - https://github.com/Carol7S/cve/blob/main/rce.md
 CVE-2023-6274 - https://vuldb.com/?id.246103
+CVE-2023-6275 - https://vuldb.com/?id.246104
 CVE-2023-6277 - https://gitlab.com/libtiff/libtiff/-/issues/614
 CVE-2023-6278 - https://wpscan.com/vulnerability/dfe5001f-31b9-4de2-a240-f7f5a992ac49/
 CVE-2023-6279 - https://wpscan.com/vulnerability/626bbc7d-0d0f-4418-ac61-666278a1cbdb/
@@ -101419,6 +101422,7 @@ CVE-2023-6444 - https://wpscan.com/vulnerability/061c59d6-f4a0-4cd1-b945-5e92b9c
 CVE-2023-6447 - https://wpscan.com/vulnerability/e366881c-d21e-4063-a945-95e6b080a373/
 CVE-2023-6456 - https://wpscan.com/vulnerability/30f31412-8f94-4d5e-a080-3f6f669703cd/
 CVE-2023-6461 - https://huntr.com/bounties/9a97d163-1738-4a09-b284-a04716e69dd0
+CVE-2023-6473 - https://vuldb.com/?id.246639
 CVE-2023-6474 - https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md
 CVE-2023-6485 - https://wpscan.com/vulnerability/759b3866-c619-42cc-94a8-0af6d199cc81
 CVE-2023-6486 - https://youtu.be/t5K745dBsT0
@@ -101449,6 +101453,7 @@ CVE-2023-6591 - https://wpscan.com/vulnerability/f296de1c-b70b-4829-aba7-4afa24f
 CVE-2023-6592 - https://research.cleantalk.org/cve-2023-6592-fastdup-database-users-password-leak-poc-exploit/
 CVE-2023-6592 - https://wpscan.com/vulnerability/a39bb807-b143-4863-88ff-1783e407d7d4/
 CVE-2023-6599 - https://huntr.com/bounties/6198785c-bf60-422e-9b80-68a6e658a10e
+CVE-2023-6609 - https://vuldb.com/?id.247245
 CVE-2023-6620 - https://wpscan.com/vulnerability/ab5c42ca-ee7d-4344-bd88-0d727ed3d9c4
 CVE-2023-6621 - https://wpscan.com/vulnerability/b49ca336-5bc2-4d72-a9a5-b8c020057928
 CVE-2023-6623 - https://wpscan.com/blog/file-inclusion-vulnerability-fixed-in-essential-blocks-4-4-3/
@@ -103173,6 +103178,8 @@ CVE-2024-25386 - https://gist.github.com/Shulelk/15c9ba8d6b54dd4256a50a24ac7dd0a
 CVE-2024-25386 - https://sec.1i6w31fen9.top/2024/02/02/dcf-operations-window-remote-command-execute/
 CVE-2024-25398 - https://github.com/Nivedita-22/SRELAY-exploit-writeup/blob/main/Srelay.md
 CVE-2024-25410 - https://github.com/flusity/flusity-CMS/issues/9
+CVE-2024-25411 - https://github.com/paragbagul111/CVE-2024-25411
+CVE-2024-25412 - https://github.com/paragbagul111/CVE-2024-25412
 CVE-2024-25413 - https://github.com/capture0x/Magento-ver.-2.4.6
 CVE-2024-25413 - https://packetstormsecurity.com/files/175801/FireBear-Improved-Import-And-Export-3.8.6-XSLT-Server-Side-Injection.html
 CVE-2024-25414 - https://github.com/capture0x/CSZ_CMS
@@ -103186,6 +103193,7 @@ CVE-2024-25419 - https://github.com/Carl0724/cms/blob/main/1.md
 CVE-2024-25423 - https://github.com/DriverUnload/cve-2024-25423
 CVE-2024-25428 - https://github.com/wuweiit/mushroom/issues/19
 CVE-2024-2543 - https://gist.github.com/Xib3rR4dAr/a248426dfee107c6fda08e80f98fa894
+CVE-2024-25431 - https://github.com/bytecodealliance/wasm-micro-runtime/issues/3122
 CVE-2024-25434 - https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-25434%20-%3E%20Stored%20XSS%20in%20input%20public%20name%20of%20the%20Component
 CVE-2024-25435 - https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-25435%20-%3E%20Reflected%20XSS%20on%20md1patient%20login%20page
 CVE-2024-25436 - https://github.com/machisri/CVEs-and-Vulnerabilities/blob/main/CVE-2024-25438%20-%3E%20Stored%20XSS%20in%20input%20Subject%20of%20the%20Add%20Discussion%20Component%20under%20Submissions
@@ -104816,6 +104824,7 @@ CVE-2024-35978 - https://git.kernel.org/stable/c/45d355a926ab40f3ae7bc0b0a00cb0e
 CVE-2024-36049 - https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-007/
 CVE-2024-36051 - https://delvingbitcoin.org/t/cve-2024-38365-public-disclosure-btcd-findanddelete-bug/1184
 CVE-2024-36052 - https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983
+CVE-2024-36062 - https://github.com/actuator/com.callassistant.android/blob/main/CVE-2024-36062
 CVE-2024-36080 - https://www.westermo.com/-/media/Files/Cyber-security/westermo_sa_EDW-100_24-05.pdf
 CVE-2024-36081 - https://www.westermo.com/-/media/Files/Cyber-security/westermo_sa_EDW-100_24-05.pdf
 CVE-2024-36105 - https://github.com/dbt-labs/dbt-core/security/advisories/GHSA-pmrx-695r-4349
@@ -104882,9 +104891,11 @@ CVE-2024-36527 - https://gist.github.com/7a6163/25fef08f75eed219c8ca21e332d6e911
 CVE-2024-36534 - https://gist.github.com/HouqiyuA/0de688e6b874e480ddc1154350368450
 CVE-2024-36535 - https://gist.github.com/HouqiyuA/2950c3993cdeff23afcbd73ba7a33879
 CVE-2024-36536 - https://gist.github.com/HouqiyuA/381f100f2ba82a8ada03994aac5bb2e8
+CVE-2024-36537 - https://gist.github.com/HouqiyuA/27879a6366a65fcd5f6c6fcbcf68d8e3
 CVE-2024-36538 - https://gist.github.com/HouqiyuA/f06d1fa07b5287b862c1e0b288f301e5
 CVE-2024-36539 - https://gist.github.com/HouqiyuA/c92f9ec979653dceeea947afd0b47a80
 CVE-2024-36540 - https://gist.github.com/HouqiyuA/a4834f3c8450f9d89e2bc4d5c4beef6a
+CVE-2024-36541 - https://gist.github.com/HouqiyuA/f972d1c152f3b8127af01206f7c2af0d
 CVE-2024-36542 - https://gist.github.com/HouqiyuA/e1685843b6f42b47dbf97e2e92e63428
 CVE-2024-36547 - https://github.com/da271133/cms/blob/main/32/csrf.md
 CVE-2024-36548 - https://github.com/da271133/cms/blob/main/31/csrf.md
@@ -104909,6 +104920,7 @@ CVE-2024-36600 - https://github.com/gashasbi/My-Reports/tree/main/CVE-2024-36600
 CVE-2024-3661 - https://news.ycombinator.com/item?id=40279632
 CVE-2024-3661 - https://www.leviathansecurity.com/blog/tunnelvision
 CVE-2024-3661 - https://www.leviathansecurity.com/research/tunnelvision
+CVE-2024-36626 - https://gist.github.com/1047524396/25c45b61a6374e0fdaf720c9863c6bcd
 CVE-2024-36650 - https://gist.github.com/Swind1er/f442fcac520a48c05c744c7b72362483
 CVE-2024-36656 - https://github.com/minthcm/minthcm/issues/67
 CVE-2024-36667 - https://github.com/sigubbs/cms/blob/main/36/csrf.md
@@ -104923,6 +104935,7 @@ CVE-2024-36679 - https://security.friendsofpresta.org/modules/2024/06/18/livecha
 CVE-2024-36680 - https://security.friendsofpresta.org/modules/2024/06/18/pkfacebook.html
 CVE-2024-36681 - https://security.friendsofpresta.org/modules/2024/06/20/pk_isotope.html
 CVE-2024-3669 - https://wpscan.com/vulnerability/3c37c9a9-1424-427a-adc7-c2336a47e9cf/
+CVE-2024-36694 - https://github.com/A3h1nt/CVEs/blob/main/OpenCart/Readme.md
 CVE-2024-36694 - https://medium.com/@pawarit.sanguanpang/opencart-v4-0-2-3-server-side-template-injection-0b173a3bdcf9
 CVE-2024-3673 - https://wpscan.com/vulnerability/0e8930cb-e176-4406-a43f-a6032471debf/
 CVE-2024-36773 - https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md
@@ -106375,6 +106388,7 @@ CVE-2024-52336 - https://www.openwall.com/lists/oss-security/2024/11/28/1
 CVE-2024-52337 - https://security.opensuse.org/2024/11/26/tuned-instance-create.html
 CVE-2024-52337 - https://www.openwall.com/lists/oss-security/2024/11/28/1
 CVE-2024-5257 - https://gitlab.com/gitlab-org/gitlab/-/issues/463149
+CVE-2024-52726 - https://github.com/sec-Kode/cve3/blob/main/cve3.md
 CVE-2024-5274 - https://issues.chromium.org/issues/341663589
 CVE-2024-5276 - https://www.tenable.com/security/research/tra-2024-25
 CVE-2024-52765 - http://tjr181.com/2024/11/08/H3C%20GR-1800AX/
@@ -106469,6 +106483,7 @@ CVE-2024-5473 - https://wpscan.com/vulnerability/9c70cfc4-5759-469a-a6a3-510c405
 CVE-2024-5475 - https://wpscan.com/vulnerability/cee66543-b5d6-4205-8f9b-0febd7fee445/
 CVE-2024-54774 - https://github.com/taynes-llllzt/taynes/issues/4
 CVE-2024-5488 - https://wpscan.com/vulnerability/28507376-ded0-4e1a-b2fc-2182895aa14c/
+CVE-2024-54907 - https://github.com/MnrikSrins/totolink_A3002R_RCE
 CVE-2024-5499 - https://issues.chromium.org/issues/339877167
 CVE-2024-5515 - https://github.com/HaojianWang/cve/issues/1
 CVE-2024-5515 - https://vuldb.com/?submit.345714