Update Thu Apr 4 18:02:22 UTC 2024

trickest · Apr 4, 2024 · 1da49ac · 1da49ac
1 parent 9903c40
commit 1da49ac
Show file tree

Hide file tree

Showing 13 changed files with 72 additions and 8 deletions.
diff --git a/2015/CVE-2015-1054.md b/2015/CVE-2015-1054.md
@@ -10,6 +10,7 @@ Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social 2.0
 ### POC
 
 #### Reference
+- http://codecanyon.net/item/crea8social-php-social-networking-platform-v31/9211270/support
 - http://packetstormsecurity.com/files/129816/Crea8Social-2.0-Cross-Site-Scripting.html
 - http://www.exploit-db.com/exploits/35691
 

diff --git a/2024/CVE-2024-2531.md b/2024/CVE-2024-2531.md
@@ -10,7 +10,7 @@ A vulnerability classified as critical has been found in MAGESH-K21 Online-Colle
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Arbitrary%20File%20Upload%20-%20update-rooms.php.md
 
 #### Github
 - https://github.com/NaInSec/CVE-LIST

diff --git a/2024/CVE-2024-2557.md b/2024/CVE-2024-2557.md
@@ -10,7 +10,7 @@ A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/vanitashtml/CVE-Dumps/blob/main/Execute%20After%20Redirect%20-%20Food%20Management%20System.md
 
 #### Github
 - https://github.com/NaInSec/CVE-LIST

diff --git a/2024/CVE-2024-27758.md b/2024/CVE-2024-27758.md
@@ -10,7 +10,7 @@ In RPyC before 6.0.0, when a server exposes a method that calls the attribute na
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://gist.github.com/renbou/957f70d27470982994f12a1d70153d09
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

diff --git a/2024/CVE-2024-28318.md b/2024/CVE-2024-28318.md
@@ -10,7 +10,7 @@ gpac 2.3-DEV-rev921-g422b78ecf-master was discovered to contain a out of boundar
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/gpac/gpac/issues/2764
 
 #### Github
 - https://github.com/NaInSec/CVE-LIST

diff --git a/2024/CVE-2024-2902.md b/2024/CVE-2024-2902.md
@@ -0,0 +1,17 @@
+### [CVE-2024-2902](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2902)
+![](https://img.shields.io/static/v1?label=Product&message=AC7&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2015.03.06.44%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%20Stack-based%20Buffer%20Overflow&color=brighgreen)
+
+### Description
+
+A vulnerability was found in Tenda AC7 15.03.06.44 and classified as critical. This issue affects the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. The manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257945 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/fromSetWifiGusetBasic.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-2903.md b/2024/CVE-2024-2903.md
@@ -0,0 +1,17 @@
+### [CVE-2024-2903](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2903)
+![](https://img.shields.io/static/v1?label=Product&message=AC7&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2015.03.06.44%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-121%20Stack-based%20Buffer%20Overflow&color=brighgreen)
+
+### Description
+
+A vulnerability was found in Tenda AC7 15.03.06.44. It has been classified as critical. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257946 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/GetParentControlInfo.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/2024/CVE-2024-29042.md b/2024/CVE-2024-29042.md
@@ -10,7 +10,7 @@ Translate is a package that allows users to convert text to different languages
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj
 
 #### Github
 - https://github.com/NaInSec/CVE-LIST

diff --git a/2024/CVE-2024-30601.md b/2024/CVE-2024-30601.md
@@ -10,7 +10,7 @@ Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time parameter o
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_time.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

diff --git a/2024/CVE-2024-30607.md b/2024/CVE-2024-30607.md
@@ -10,7 +10,7 @@ Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceId paramet
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_deviceId.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

diff --git a/2024/CVE-2024-30612.md b/2024/CVE-2024-30612.md
@@ -10,7 +10,7 @@ Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, lim
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetClientState.md
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

diff --git a/2024/CVE-2024-31064.md b/2024/CVE-2024-31064.md
@@ -0,0 +1,17 @@
+### [CVE-2024-31064](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31064)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field.
+
+### POC
+
+#### Reference
+- https://github.com/sahildari/cve/blob/master/CVE-2024-31064.md
+
+#### Github
+No PoCs found on GitHub currently.
+
diff --git a/references.txt b/references.txt
@@ -31429,6 +31429,7 @@ CVE-2015-1052 - http://packetstormsecurity.com/files/129917/CMS-PHPKit-WCMS-1.6.
 CVE-2015-1052 - http://seclists.org/fulldisclosure/2015/Jan/25
 CVE-2015-1053 - http://packetstormsecurity.com/files/129916/CMS-Croogo-2.2.0-Cross-Site-Scripting.html
 CVE-2015-1053 - http://seclists.org/fulldisclosure/2015/Jan/24
+CVE-2015-1054 - http://codecanyon.net/item/crea8social-php-social-networking-platform-v31/9211270/support
 CVE-2015-1054 - http://packetstormsecurity.com/files/129816/Crea8Social-2.0-Cross-Site-Scripting.html
 CVE-2015-1054 - http://www.exploit-db.com/exploits/35691
 CVE-2015-1056 - http://packetstormsecurity.com/files/129841/Brother-MFC-J4410DW-Cross-Site-Scripting.html
@@ -92940,6 +92941,7 @@ CVE-2024-25306 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Ma
 CVE-2024-25307 - https://github.com/tubakvgc/CVEs/blob/main/Cinema%20Seat%20Reservation%20System/Cinema%20Seat%20Reservation%20System%20-%20SQL%20Injection.md
 CVE-2024-25308 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-6.md
 CVE-2024-25309 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-7.md
+CVE-2024-2531 - https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Arbitrary%20File%20Upload%20-%20update-rooms.php.md
 CVE-2024-25310 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-3.md
 CVE-2024-25312 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-5.md
 CVE-2024-25313 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass%20-%202.md
@@ -92994,6 +92996,7 @@ CVE-2024-2546 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/A1
 CVE-2024-25502 - https://github.com/flusity/flusity-CMS/issues/10
 CVE-2024-2554 - https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#3sql-injection-vulnerability-in-update-employeephp
 CVE-2024-2556 - https://github.com/tht1997/WhiteBox/blob/main/sourcecodesters/employee-management-system-php-attendance-info.md
+CVE-2024-2557 - https://github.com/vanitashtml/CVE-Dumps/blob/main/Execute%20After%20Redirect%20-%20Food%20Management%20System.md
 CVE-2024-2558 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formexeCommand.md
 CVE-2024-2560 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolRestoreSet.md
 CVE-2024-25618 - https://github.com/mastodon/mastodon/security/advisories/GHSA-vm39-j3vx-pch3
@@ -93114,6 +93117,7 @@ CVE-2024-27743 - https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-
 CVE-2024-27744 - https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27744.md
 CVE-2024-27746 - https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27746.md
 CVE-2024-27747 - https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27747.md
+CVE-2024-27758 - https://gist.github.com/renbou/957f70d27470982994f12a1d70153d09
 CVE-2024-27916 - https://github.com/stacklok/minder/security/advisories/GHSA-v627-69v2-xx37
 CVE-2024-27923 - https://github.com/getgrav/grav/security/advisories/GHSA-f6g2-h7qv-3m5v
 CVE-2024-27927 - https://github.com/DIYgod/RSSHub/security/advisories/GHSA-3p3p-cgj7-vgw3
@@ -93139,6 +93143,7 @@ CVE-2024-28196 - https://github.com/Yooooomi/your_spotify/security/advisories/GH
 CVE-2024-28237 - https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-x7mf-wrh9-r76c
 CVE-2024-28255 - https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-6wx7-qw5p-wh84
 CVE-2024-28275 - https://paste.sr.ht/~edaigle/0b4a037fbd3166c8c72fee18efaa7decaf75b0ab
+CVE-2024-28318 - https://github.com/gpac/gpac/issues/2764
 CVE-2024-28323 - https://packetstormsecurity.com/files/177168/User-Registration-And-Login-And-User-Management-System-3.1-SQL-Injection.html
 CVE-2024-28335 - https://packetstormsecurity.com/files/177708/Lektor-Static-CMS-3.3.10-Arbitrary-File-Upload-Remote-Code-Execution.html
 CVE-2024-28383 - https://github.com/cvdyfbwa/IoT-Tenda-Router/blob/main/sub_431CF0.md
@@ -93181,7 +93186,10 @@ CVE-2024-28756 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisorie
 CVE-2024-28848 - https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-5xv3-fm7g-865r
 CVE-2024-28854 - https://en.wikipedia.org/wiki/Slowloris_(computer_security)
 CVE-2024-28861 - https://github.com/FriendsOfSymfony1/symfony1/security/advisories/GHSA-pv9j-c53q-h433
+CVE-2024-2902 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/fromSetWifiGusetBasic.md
+CVE-2024-2903 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC7/v1/GetParentControlInfo.md
 CVE-2024-29031 - https://securitylab.github.com/advisories/GHSL-2023-249_Meshery/
+CVE-2024-29042 - https://github.com/franciscop/translate/security/advisories/GHSA-882j-4vj5-7vmj
 CVE-2024-29156 - https://launchpad.net/bugs/2048114
 CVE-2024-29190 - https://drive.google.com/file/d/1nbKMd2sKosbJef5Mh4DxjcHcQ8Hw0BNR/view?usp=share_link
 CVE-2024-29272 - https://github.com/givanz/VvvebJs/issues/343
@@ -93207,7 +93215,10 @@ CVE-2024-30584 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/F
 CVE-2024-30588 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/setSchedWifi_start.md
 CVE-2024-30592 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/fromAddressNat_page.md
 CVE-2024-30596 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1202/formSetDeviceName_deviceId.md
+CVE-2024-30601 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_time.md
 CVE-2024-30603 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_urls.md
+CVE-2024-30607 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1203/saveParentControlInfo_deviceId.md
+CVE-2024-30612 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC10U/v1.V15.03.06.48/more/formSetClientState.md
 CVE-2024-30620 - https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md
 CVE-2024-30621 - https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.md
 CVE-2024-30628 - https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/FH/FH1205/fromAddressNat_page.md
@@ -93229,6 +93240,7 @@ CVE-2024-31061 - https://portswigger.net/web-security/cross-site-scripting/store
 CVE-2024-31062 - https://github.com/sahildari/cve/blob/master/CVE-2024-31062.md
 CVE-2024-31062 - https://portswigger.net/web-security/cross-site-scripting/stored
 CVE-2024-31063 - https://portswigger.net/web-security/cross-site-scripting/stored
+CVE-2024-31064 - https://github.com/sahildari/cve/blob/master/CVE-2024-31064.md
 CVE-2024-31065 - https://portswigger.net/web-security/cross-site-scripting/stored
 CVE-2024-3124 - https://vuldb.com/?submit.307752
 CVE-2024-3128 - https://github.com/ctflearner/Android_Findings/blob/main/Replify-Messenger/Backup.md