Update Fri May 24 02:13:29 UTC 2024

2018/CVE-2018-21167.md

@@ -0,0 +1,17 @@
+### [CVE-2018-21167](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21167)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Certain NETGEAR devices are affected by stored XSS. This affects D6100 before 1.0.0.57, DM200 before 1.0.0.50, EX2700 before 1.0.1.32, EX6100v2 before 1.0.1.70, EX6150v2 before 1.0.1.70, EX6200v2 before 1.0.1.62, EX6400 before 1.0.1.78, EX7300 before 1.0.1.78, EX8000 before 1.0.0.114, R6100 before 1.0.1.22, R7500 before 1.0.0.122, R7800 before 1.0.2.42, R8900 before 1.0.3.10, R9000 before 1.0.3.10, WN2000RPTv3 before 1.0.1.26, WN3000RPv3 before 1.0.2.66, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.54, WNDR4500v3 before 1.0.0.54, and WNR2000v5 before 1.0.0.64.
+
+### POC
+
+#### Reference
+- https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093
+
+#### Github
+No PoCs found on GitHub currently.
+

2020/CVE-2020-19295.md

@@ -10,7 +10,7 @@ A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic compone
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://www.seebug.org/vuldb/ssvid-97950
 
 #### Github
 - https://github.com/ARPSyndicate/kenzer-templates

2022/CVE-2022-2814.md

@@ -0,0 +1,17 @@
+### [CVE-2022-2814](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2814)
+![](https://img.shields.io/static/v1?label=Product&message=Simple%20and%20Nice%20Shopping%20Cart%20Script&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+A vulnerability has been found in SourceCodester Simple and Nice Shopping Cart Script and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /mkshope/login.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206401 was assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://vuldb.com/?id.206401
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-31843.md

@@ -0,0 +1,17 @@
+### [CVE-2024-31843](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31843)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System.
+
+### POC
+
+#### Reference
+- https://www.gruppotim.it/it/footer/red-team.html
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-33525.md

@@ -0,0 +1,17 @@
+### [CVE-2024-33525](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33525)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Stored Cross-site Scripting (XSS) vulnerability in the "Import of organizational units and title of organizational unit" feature in ILIAS 7.20 to 7.29 and ILIAS 8.4 to 8.10 as well as ILIAS 9.0 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
+
+### POC
+
+#### Reference
+- https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-33526.md

@@ -0,0 +1,17 @@
+### [CVE-2024-33526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33526)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Stored Cross-site Scripting (XSS) vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
+
+### POC
+
+#### Reference
+- https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-33527.md

@@ -0,0 +1,17 @@
+### [CVE-2024-33527](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33527)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Stored Cross-site Scripting (XSS) vulnerability in the "Import of Users and login name of user" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.
+
+### POC
+
+#### Reference
+- https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-33528.md

@@ -0,0 +1,17 @@
+### [CVE-2024-33528](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33528)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload.
+
+### POC
+
+#### Reference
+- https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+
+#### Github
+No PoCs found on GitHub currently.
+

2024/CVE-2024-33529.md

@@ -0,0 +1,17 @@
+### [CVE-2024-33529](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33529)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types.
+
+### POC
+
+#### Reference
+- https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+
+#### Github
+No PoCs found on GitHub currently.
+

references.txt

@@ -52313,6 +52313,7 @@ CVE-2018-21149 - https://kb.netgear.com/000059484/Security-Advisory-for-Post-Aut
 CVE-2018-21151 - https://kb.netgear.com/000059482/Security-Advisory-for-Post-Authentication-Buffer-Overflow-on-Some-Gateways-and-Routers-PSV-2017-3154
 CVE-2018-21159 - https://kb.netgear.com/000059471/Security-Advisory-for-Security-Misconfiguration-on-ReadyNAS-OS-6-PSV-2017-1999
 CVE-2018-21160 - https://kb.netgear.com/000059470/Security-Advisory-for-Cross-Site-Request-Forgery-on-ReadyNAS-OS-6-PSV-2017-1998
+CVE-2018-21167 - https://kb.netgear.com/000055191/Security-Advisory-for-Stored-Cross-Site-Scripting-on-Routers-Gateways-Extenders-and-DSL-Modems-PSV-2017-3093
 CVE-2018-21173 - https://kb.netgear.com/000055185/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-PSV-2017-2627
 CVE-2018-21175 - https://kb.netgear.com/000055183/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2624
 CVE-2018-21176 - https://kb.netgear.com/000055182/Security-Advisory-for-Post-Authentication-Stack-Overflow-on-Some-Routers-and-Gateways-PSV-2017-2623
@@ -65449,6 +65450,7 @@ CVE-2020-1927 - https://www.oracle.com/security-alerts/cpuApr2021.html
 CVE-2020-1927 - https://www.oracle.com/security-alerts/cpujul2020.html
 CVE-2020-1927 - https://www.oracle.com/security-alerts/cpujul2022.html
 CVE-2020-19280 - https://github.com/zchuanzhao/jeesns/issues/9
+CVE-2020-19295 - https://www.seebug.org/vuldb/ssvid-97950
 CVE-2020-19301 - https://github.com/tingyuu/vaeThink/issues/1
 CVE-2020-19302 - https://github.com/tingyuu/vaeThink/issues/2
 CVE-2020-19305 - https://github.com/MRdoulestar/CodeAnalyse/issues/2
@@ -82452,6 +82454,7 @@ CVE-2022-28110 - https://medium.com/@honeyakshat999/hotel-management-system-sql-
 CVE-2022-28117 - http://packetstormsecurity.com/files/167063/Navigate-CMS-2.9.4-Server-Side-Request-Forgery.html
 CVE-2022-28127 - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1571
 CVE-2022-28132 - https://www.exploit-db.com/exploits/50939
+CVE-2022-2814 - https://vuldb.com/?id.206401
 CVE-2022-2816 - https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
 CVE-2022-2817 - https://huntr.dev/bounties/a7b7d242-3d88-4bde-a681-6c986aff886f
 CVE-2022-28171 - http://packetstormsecurity.com/files/170818/Hikvision-Remote-Code-Execution-XSS-SQL-Injection.html
@@ -95704,6 +95707,7 @@ CVE-2024-31819 - https://github.com/Chocapikk/CVE-2024-31819
 CVE-2024-31839 - https://blog.chebuya.com/posts/remote-code-execution-on-chaos-rat-via-spoofed-agents/
 CVE-2024-31840 - https://www.gruppotim.it/it/footer/red-team.html
 CVE-2024-31841 - https://www.gruppotim.it/it/footer/red-team.html
+CVE-2024-31843 - https://www.gruppotim.it/it/footer/red-team.html
 CVE-2024-31844 - https://www.gruppotim.it/it/footer/red-team.html
 CVE-2024-31845 - https://www.gruppotim.it/it/footer/red-team.html
 CVE-2024-31846 - https://www.gruppotim.it/it/footer/red-team.html
@@ -95892,6 +95896,11 @@ CVE-2024-33445 - https://gist.github.com/LioTree/04a4ece38df53af4027d52b2aeb7aff
 CVE-2024-33445 - https://github.com/hisiphp/hisiphp/issues/11
 CVE-2024-3346 - https://github.com/Yu1e/vuls/blob/main/Byzro%20Networks%20Smart%20S80%20management%20platform%20has%20rce%20vulnerability.md
 CVE-2024-33485 - https://github.com/CveSecLook/cve/issues/17
+CVE-2024-33525 - https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+CVE-2024-33526 - https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+CVE-2024-33527 - https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+CVE-2024-33528 - https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
+CVE-2024-33529 - https://insinuator.net/2024/05/security-advisory-achieving-php-code-execution-in-ilias-elearning-lms-before-v7-30-v8-11-v9-1/
 CVE-2024-33530 - https://insinuator.net/2024/05/vulnerability-in-jitsi-meet-meeting-password-disclosure-affecting-meetings-with-lobbies/
 CVE-2024-3366 - https://github.com/xuxueli/xxl-job/issues/3391
 CVE-2024-33664 - https://github.com/mpdavis/python-jose/issues/344