Update Fri Feb 23 10:10:35 UTC 2024

2013/CVE-2013-0338.md

@@ -11,6 +11,7 @@ libxml2 2.9.0 and earlier allows context-dependent attackers to cause a denial o
 
 #### Reference
 - http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
+- http://www.ubuntu.com/usn/USN-1782-1
 
 #### Github
 No PoCs found on GitHub currently.

2022/CVE-2022-0125.md

@@ -0,0 +1,17 @@
+### [CVE-2022-0125](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0125)
+![](https://img.shields.io/static/v1?label=Product&message=GitLab&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Improper%20access%20control%20in%20GitLab&color=brighgreen)
+
+### Description
+
+An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5, all versions starting from 14.5.0 before 14.5.3, all versions starting from 14.6.0 before 14.6.2. GitLab was not verifying that a maintainer of a project had the right access to import members from a target project.
+
+### POC
+
+#### Reference
+- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0125.json
+
+#### Github
+No PoCs found on GitHub currently.
+

2022/CVE-2022-3973.md

@@ -11,6 +11,7 @@ A vulnerability classified as critical has been found in Pingkon HMS-PHP. Affect
 
 #### Reference
 - https://github.com/Pingkon/HMS-PHP/issues/1
+- https://vuldb.com/?id.213552
 
 #### Github
 No PoCs found on GitHub currently.

2023/CVE-2023-24334.md

@@ -0,0 +1,17 @@
+### [CVE-2023-24334](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24334)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.
+
+### POC
+
+#### Reference
+- https://github.com/caoyebo/CVE/tree/main/TENDA%20AC23%20-%20CVE-2023-24334
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-27013.md

@@ -0,0 +1,17 @@
+### [CVE-2023-27013](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27013)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the get_parentControl_list_Info function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.
+
+### POC
+
+#### Reference
+- https://github.com/DrizzlingSun/Tenda/blob/main/AC10/2/2.md
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-27098.md

@@ -0,0 +1,17 @@
+### [CVE-2023-27098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27098)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.
+
+### POC
+
+#### Reference
+- https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-27115.md

@@ -11,6 +11,7 @@ WebAssembly v1.0.29 was discovered to contain a segmentation fault via the compo
 
 #### Reference
 - https://github.com/WebAssembly/wabt/issues/1938
+- https://github.com/WebAssembly/wabt/issues/1992
 
 #### Github
 No PoCs found on GitHub currently.

2023/CVE-2023-27232.md

@@ -0,0 +1,17 @@
+### [CVE-2023-27232](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27232)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wanStrategy parameter at /setting/setWanIeCfg.
+
+### POC
+
+#### Reference
+- https://github.com/Am1ngl/ttt/tree/main/32
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-27249.md

@@ -12,6 +12,7 @@ swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function
 #### Reference
 - https://github.com/keepinggg/poc/blob/main/poc_of_swfdump/poc
 - https://github.com/keepinggg/poc/tree/main/poc_of_swfdump
+- https://github.com/matthiaskramm/swftools/issues/197
 
 #### Github
 No PoCs found on GitHub currently.

2023/CVE-2023-27492.md

@@ -0,0 +1,17 @@
+### [CVE-2023-27492](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27492)
+![](https://img.shields.io/static/v1?label=Product&message=envoy&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%201.25.0%2C%20%3C%201.25.3%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-770%3A%20Allocation%20of%20Resources%20Without%20Limits%20or%20Throttling&color=brighgreen)
+
+### Description
+
+Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the Lua filter is vulnerable to denial of service. Attackers can send large request bodies for routes that have Lua filter enabled and trigger crashes. As of versions versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, Envoy no longer invokes the Lua coroutine if the filter has been reset. As a workaround for those whose Lua filter is buffering all requests/ responses, mitigate by using the buffer filter to avoid triggering the local reply in the Lua filter.
+
+### POC
+
+#### Reference
+- https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-27849.md

@@ -0,0 +1,17 @@
+### [CVE-2023-27849](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27849)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability via the child_process function.
+
+### POC
+
+#### Reference
+- https://github.com/omnitaint/Vulnerability-Reports/blob/2211ea4712f24d20b7f223fb737910fdfb041edb/reports/rails-routes-to-json/report.md
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-30349.md

@@ -0,0 +1,17 @@
+### [CVE-2023-30349](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30349)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+JFinal CMS v5.1.0 was discovered to contain a remote code execution (RCE) vulnerability via the ActionEnter function.
+
+### POC
+
+#### Reference
+- https://github.com/jflyfox/jfinal_cms/issues/54
+
+#### Github
+No PoCs found on GitHub currently.
+

2023/CVE-2023-7101.md

@@ -11,6 +11,7 @@ Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel fil
 
 #### Reference
 - https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md
+- https://https://github.com/haile01/perl_spreadsheet_excel_rce_poc
 
 #### Github
 - https://github.com/Ostorlab/KEV

2023/CVE-2023-7102.md

@@ -10,6 +10,7 @@ Use of a Third Party library produced a vulnerability in Barracuda Networks Inc.
 ### POC
 
 #### Reference
+- https://github.com/haile01/perl_spreadsheet_excel_rce_poc
 - https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md
 
 #### Github

2023/CVE-2023-7135.md

@@ -10,7 +10,7 @@ A vulnerability classified as problematic has been found in code-projects Record
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://github.com/h4md153v63n/CVEs/blob/main/Record_Management_System/Record_Management_System-Blind_Cross_Site_Scripting-1.md
 
 #### Github
 - https://github.com/h4md153v63n/CVEs

2024/CVE-2024-1784.md

@@ -0,0 +1,17 @@
+### [CVE-2024-1784](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1784)
+![](https://img.shields.io/static/v1?label=Product&message=Limbas&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%205.2.14%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability classified as problematic was found in Limbas 5.2.14. Affected by this vulnerability is an unknown functionality of the file main_admin.php. The manipulation of the argument tab_group leads to sql injection. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/liyako/vulnerability/blob/main/POC/Limbas-Blind-SQL-injection.md
+
+#### Github
+No PoCs found on GitHub currently.
+

references.txt

@@ -21309,6 +21309,7 @@ CVE-2013-0330 - http://www.cloudbees.com/jenkins-advisory/jenkins-security-advis
 CVE-2013-0331 - http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
 CVE-2013-0334 - http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
 CVE-2013-0338 - http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
+CVE-2013-0338 - http://www.ubuntu.com/usn/USN-1782-1
 CVE-2013-0340 - http://seclists.org/fulldisclosure/2021/Sep/33
 CVE-2013-0340 - http://seclists.org/fulldisclosure/2021/Sep/34
 CVE-2013-0340 - http://seclists.org/fulldisclosure/2021/Sep/35
@@ -74603,6 +74604,7 @@ CVE-2022-0088 - https://huntr.dev/bounties/d01f0726-1a0f-4575-ae17-4b5319b11c29
 CVE-2022-0090 - https://gitlab.com/gitlab-org/gitaly/-/issues/3948
 CVE-2022-0121 - https://huntr.dev/bounties/b70a6191-8226-4ac6-b817-cae7332a68ee
 CVE-2022-0122 - https://huntr.dev/bounties/41852c50-3c6d-4703-8c55-4db27164a4ae
+CVE-2022-0125 - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0125.json
 CVE-2022-0128 - https://huntr.dev/bounties/63f51299-008a-4112-b85b-1e904aadd4ba
 CVE-2022-0132 - https://huntr.dev/bounties/77ec5308-5561-4664-af21-d780df2d1e4b
 CVE-2022-0133 - https://huntr.dev/bounties/80aabdc1-89fe-47b8-87ca-9d68107fc0b4
@@ -80292,6 +80294,7 @@ CVE-2022-3955 - https://github.com/tholum/crm42/issues/1
 CVE-2022-3956 - https://github.com/tsruban/HHIMS/issues/1
 CVE-2022-3972 - https://github.com/Pingkon/HMS-PHP/issues/1
 CVE-2022-3973 - https://github.com/Pingkon/HMS-PHP/issues/1
+CVE-2022-3973 - https://vuldb.com/?id.213552
 CVE-2022-3974 - https://github.com/axiomatic-systems/Bento4/issues/812
 CVE-2022-3977 - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3a732b46736cd8a29092e4b0b1a9ba83e672bf89
 CVE-2022-39799 - https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
@@ -83405,6 +83408,7 @@ CVE-2023-24320 - https://yuyudhn.github.io/CVE-2023-24320/
 CVE-2023-24322 - https://github.com/blakduk/Advisories/blob/main/Mojoportal/README.md
 CVE-2023-24323 - https://github.com/blakduk/Advisories/blob/main/Mojoportal/README.md
 CVE-2023-24329 - https://github.com/python/cpython/issues/102153
+CVE-2023-24334 - https://github.com/caoyebo/CVE/tree/main/TENDA%20AC23%20-%20CVE-2023-24334
 CVE-2023-24343 - https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/01
 CVE-2023-24344 - https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/webpage_Vuls/01
 CVE-2023-24345 - https://github.com/1160300418/Vuls/tree/main/D-Link/DIR-605L/curTime_Vuls/03
@@ -83998,6 +84002,7 @@ CVE-2023-27000 - https://piotrryciak.com/posts/netscout-multiple-vulnerabilities
 CVE-2023-27008 - https://plantplants213607121.wordpress.com/2023/02/16/atutor-2-2-1-cross-site-scripting-via-the-token-body-parameter/
 CVE-2023-27010 - https://packetstormsecurity.com/files/171301/Wondershare-Dr-Fone-12.9.6-Weak-Permissions-Privilege-Escalation.html
 CVE-2023-27012 - https://github.com/DrizzlingSun/Tenda/blob/main/AC10/5/5.md
+CVE-2023-27013 - https://github.com/DrizzlingSun/Tenda/blob/main/AC10/2/2.md
 CVE-2023-27014 - https://github.com/DrizzlingSun/Tenda/blob/main/AC10/10/10.md
 CVE-2023-27015 - https://github.com/DrizzlingSun/Tenda/blob/main/AC10/4/4.md
 CVE-2023-27016 - https://github.com/DrizzlingSun/Tenda/blob/main/AC10/3/3.md
@@ -84027,12 +84032,14 @@ CVE-2023-27073 - https://github.com/bhaveshkush007/CVEs/blob/main/CVE-2023-27073
 CVE-2023-27077 - https://github.com/B2eFly/Router/blob/main/360/360D901.md
 CVE-2023-27078 - https://github.com/B2eFly/Router/blob/main/TPLINK/MR3020/1.md
 CVE-2023-27079 - https://github.com/B2eFly/Router/blob/main/Tenda/G103/2.md
+CVE-2023-27098 - https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098
 CVE-2023-27100 - http://packetstormsecurity.com/files/171791/pfsenseCE-2.6.0-Protection-Bypass.html
 CVE-2023-27102 - https://github.com/strukturag/libde265/issues/393
 CVE-2023-27103 - https://github.com/strukturag/libde265/issues/394
 CVE-2023-27107 - https://gist.github.com/smidtbx10/f8ff1c4977b7f54886c6a52e9ef4e816
 CVE-2023-27114 - https://github.com/radareorg/radare2/issues/21363
 CVE-2023-27115 - https://github.com/WebAssembly/wabt/issues/1938
+CVE-2023-27115 - https://github.com/WebAssembly/wabt/issues/1992
 CVE-2023-27116 - https://github.com/WebAssembly/wabt/issues/1984
 CVE-2023-27117 - https://github.com/WebAssembly/wabt/issues/1989
 CVE-2023-27119 - https://github.com/WebAssembly/wabt/issues/1990
@@ -84062,12 +84069,14 @@ CVE-2023-27193 - https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27193/C
 CVE-2023-27225 - https://packetstormsecurity.com
 CVE-2023-27229 - https://github.com/Am1ngl/ttt/tree/main/30
 CVE-2023-27231 - https://github.com/Am1ngl/ttt/tree/main/31
+CVE-2023-27232 - https://github.com/Am1ngl/ttt/tree/main/32
 CVE-2023-27233 - https://gist.github.com/renanavs/dcb13bb1cd618ce7eb0c80290b837245
 CVE-2023-27234 - https://github.com/Cherry-toto/jizhicms/issues/85
 CVE-2023-27235 - https://github.com/Cherry-toto/jizhicms/issues/85
 CVE-2023-2724 - http://packetstormsecurity.com/files/173131/Chrome-Internal-JavaScript-Object-Access-Via-Origin-Trials.html
 CVE-2023-27249 - https://github.com/keepinggg/poc/blob/main/poc_of_swfdump/poc
 CVE-2023-27249 - https://github.com/keepinggg/poc/tree/main/poc_of_swfdump
+CVE-2023-27249 - https://github.com/matthiaskramm/swftools/issues/197
 CVE-2023-27253 - http://packetstormsecurity.com/files/173487/pfSense-Restore-RRD-Data-Command-Injection.html
 CVE-2023-27267 - https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
 CVE-2023-27268 - https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
@@ -84104,6 +84113,7 @@ CVE-2023-27482 - https://www.elttam.com/blog/pwnassistant/
 CVE-2023-27487 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-5375-pq35-hf2g
 CVE-2023-27488 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-9g5w-hqr3-w2ph
 CVE-2023-27491 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-5jmv-cw9p-f9rp
+CVE-2023-27492 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-wpc2-2jp6-ppg2
 CVE-2023-27493 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-w5w5-487h-qv8q
 CVE-2023-27496 - https://github.com/envoyproxy/envoy/security/advisories/GHSA-j79q-2g66-2xv5
 CVE-2023-27497 - https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
@@ -84198,6 +84208,7 @@ CVE-2023-27842 - https://github.com/tristao-marinho/CVE-2023-27842/blob/main/REA
 CVE-2023-27843 - https://friends-of-presta.github.io/security-advisories/modules/2023/04/25/askforaquote.html
 CVE-2023-27847 - https://friends-of-presta.github.io/security-advisories/modules/2023/03/23/xipblog.html
 CVE-2023-27848 - https://github.com/omnitaint/Vulnerability-Reports/blob/9d65add2bca71ed6d6b2e281ee6790a12504ff8e/reports/broccoli-compass/report.md
+CVE-2023-27849 - https://github.com/omnitaint/Vulnerability-Reports/blob/2211ea4712f24d20b7f223fb737910fdfb041edb/reports/rails-routes-to-json/report.md
 CVE-2023-27882 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1733
 CVE-2023-2789 - https://github.com/DaisyPo/fuzzing-vulncollect/blob/main/cflow/stack-overflow/parser.c/README.md
 CVE-2023-2789 - https://github.com/DaisyPo/fuzzing-vulncollect/files/11343936/poc-file.zip
@@ -84640,6 +84651,7 @@ CVE-2023-30330 - https://github.com/Filiplain/LFI-to-RCE-SE-Suite-2.0
 CVE-2023-30330 - https://www.exploit-db.com/exploits/51404
 CVE-2023-30331 - https://github.com/luelueking/Beetl-3.15.0-vuln-poc
 CVE-2023-30347 - https://github.com/huzefa2212/CVE-2023-30347/blob/main/poc.txt
+CVE-2023-30349 - https://github.com/jflyfox/jfinal_cms/issues/54
 CVE-2023-30350 - http://packetstormsecurity.com/files/172124/FS-S3900-24T4S-Privilege-Escalation.html
 CVE-2023-30362 - https://github.com/obgm/libcoap/issues/1063
 CVE-2023-30363 - https://github.com/Tencent/vConsole/issues/616
@@ -88036,6 +88048,8 @@ CVE-2023-7092 - https://vuldb.com/?id.248939
 CVE-2023-7095 - https://github.com/unpWn4bL3/iot-security/blob/main/2.md
 CVE-2023-7100 - https://medium.com/@2839549219ljk/restaurant-table-booking-system-sql-injection-vulnerability-30708cfabe03
 CVE-2023-7101 - https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md
+CVE-2023-7101 - https://https://github.com/haile01/perl_spreadsheet_excel_rce_poc
+CVE-2023-7102 - https://github.com/haile01/perl_spreadsheet_excel_rce_poc
 CVE-2023-7102 - https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md
 CVE-2023-7105 - https://github.com/h4md153v63n/CVEs/blob/main/E-Commerce_Website/E-Commerce%20Website%20-%20SQL%20Injection%201.md
 CVE-2023-7106 - https://github.com/h4md153v63n/CVEs/blob/main/E-Commerce_Website/E-Commerce%20Website%20-%20SQL%20Injection%202.md
@@ -88057,6 +88071,7 @@ CVE-2023-7130 - https://vuldb.com/?id.249133
 CVE-2023-7131 - https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-SQL-Injection.md
 CVE-2023-7132 - https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-Stored_Cross_site_Scripting.md
 CVE-2023-7134 - https://medium.com/@2839549219ljk/medicine-tracking-system-rce-vulnerability-1f009165b915
+CVE-2023-7135 - https://github.com/h4md153v63n/CVEs/blob/main/Record_Management_System/Record_Management_System-Blind_Cross_Site_Scripting-1.md
 CVE-2023-7136 - https://github.com/h4md153v63n/CVEs/blob/main/Record_Management_System/Record_Management_System-Blind_Cross_Site_Scripting-2.md
 CVE-2023-7137 - https://github.com/h4md153v63n/CVEs/blob/main/Client_Details_System/Client_Details_System-SQL_Injection_1.md
 CVE-2023-7138 - https://github.com/h4md153v63n/CVEs/blob/main/Client_Details_System/Client_Details_System-SQL_Injection_2.md
@@ -88216,6 +88231,7 @@ CVE-2024-1709 - https://www.horizon3.ai/attack-research/red-team/connectwise-scr
 CVE-2024-1709 - https://www.huntress.com/blog/a-catastrophe-for-control-understanding-the-screenconnect-authentication-bypass
 CVE-2024-1709 - https://www.huntress.com/blog/detection-guidance-for-connectwise-cwe-288-2
 CVE-2024-1709 - https://www.huntress.com/blog/vulnerability-reproduced-immediately-patch-screenconnect-23-9-8
+CVE-2024-1784 - https://github.com/liyako/vulnerability/blob/main/POC/Limbas-Blind-SQL-injection.md
 CVE-2024-20287 - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-wap-inject-bHStWgXO
 CVE-2024-20729 - https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1890
 CVE-2024-21413 - https://research.checkpoint.com/2024/the-risks-of-the-monikerlink-bug-in-microsoft-outlook-and-the-big-picture/