Cybersecurity information flow

Windows Kernel Elevation of Privilege Vulnerability
[GitHub]Proof-of-Concept for CVE-2024-21345

" Windows内核权限提升漏洞\n[GitHub] CVE-2024-21345概念验证"

Windows Kernel Elevation of Privilege Vulnerability
[GitHub]Proof-of-Concept for CVE-2024-26218

" Windows内核权限提升漏洞\n[GitHub] CVE-2024-26218概念验证"

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module.
[GitHub]Explore CVE-2022-41741 with the Evil MP4 repository. It offers educational PoCs, mitigation strategies, and detailed documentation on securing nginx against MP4 file vulnerabilities. For legal, ethical security testing only.

" NGINX 开源版本 1.23.2 之前和 1.22.1 之前，NGINX 开源订阅版本 R2 P1 之前和 R1 P1 之前，以及 NGINX Plus 版本 R27 P1 之前和 R26 P1 之前，模

Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. For more details, please review the linked advisory on this CVE.
[GitHub]NSE script for checking the presence of CVE-2023-22515

" Atlassian已经注意到一些客户报告的一个问题，即外部攻击者可能利用了公开可访问的Confluence数据中心和服务器实例中 previously unknown 的一个漏洞，创建了未经授权的Confluence管理员账户并访问了Confluence实例。Atlassian Cloud站点不受此漏洞的影响。如果您的Confluence站点通过atlassian.net域名访问，那么它由Atlassian托管，不会受到此问题的影响。更多关于此漏洞的详细信息，请查看与此CVE链接的咨询文件。\n[GitHub]用于检查CVE-2023-22515存在的NSE脚本"

Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.  Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.
[GitHub]activemq-rce-cve-2023-46604

" Apache ActiveMQ存在远程代码执行漏洞。该漏洞可能允许具有网络访问权的远程攻击者通过操纵OpenWire协议中的序列化类类型来运行任意shell命令，从而导致代理 instantiate 类路径上的任何类。建议用户升级到版本5.15.16、5.16.7、5.17.6或5.18.3，以修复此问题。\n[GitHub]activemq-rce-cve-2023-46604"

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
[GitHub]CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | Full Server Takeover

" VFS沙箱逃逸在所有版本小于10.7.1和11.1.0的CrushFTP中，以及在所有平台上，允许具有低权限的远程攻击者从VFS沙箱之外的文件系统读取文件。\n[GitHub] CVE-2024-4040 CrushFTP SSTI LFI & Auth Bypass | 完整服务器接管。"

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal.This issue affects WP-FormAssembly: from n/a through 2.0.5.

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

Incorrect Default Permissions vulnerability in Metagauss RegistrationMagic allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects RegistrationMagic: from n/a through 5.1.9.2.

Missing Authorization vulnerability in Quiz Maker team Quiz Maker.This issue affects Quiz Maker: from n/a through 6.3.9.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2.

Missing Authorization vulnerability in Shoaib Saleem WP Post Rating allows Functionality Misuse.This issue affects WP Post Rating: from n/a through 2.5.

Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in xtemos WoodMart allows Cross-Site Scripting (XSS).This issue affects WoodMart: from n/a through 7.0.4.

Unrestricted Upload of File with Dangerous Type vulnerability in Unlimited Elements Unlimited Elements For Elementor (Free Widgets, Addons, Templates) allows Upload a Web Shell to a Web Server.This issue affects Unlimited Elements For Elementor (Free Widgets, Addons, Templates): from n/a through 1.5.60.

Missing Authorization vulnerability in Daniel Powney Multi Rating allows Functionality Misuse.This issue affects Multi Rating: from n/a through 5.0.6.

Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4.