Update Thu Feb 15 18:10:53 UTC 2024

2022/CVE-2022-2586.md

@@ -10,6 +10,7 @@ It was discovered that a nft object or expression could reference a nft set on a
 ### POC
 
 #### Reference
+- https://ubuntu.com/security/notices/USN-5560-2
 - https://ubuntu.com/security/notices/USN-5562-1
 - https://www.openwall.com/lists/oss-security/2022/08/09/5
 

2022/CVE-2022-2588.md

@@ -10,6 +10,7 @@ It was discovered that the cls_route filter implementation in the Linux kernel w
 ### POC
 
 #### Reference
+- https://ubuntu.com/security/notices/USN-5560-2
 - https://ubuntu.com/security/notices/USN-5562-1
 - https://www.openwall.com/lists/oss-security/2022/08/09/6
 

2023/CVE-2023-46596.md

@@ -1,11 +1,11 @@
 ### [CVE-2023-46596](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46596)
 ![](https://img.shields.io/static/v1?label=Product&message=Algosec%20FireFlow&color=blue)
-![](https://img.shields.io/static/v1?label=Version&message=%3D%20A32.10%2C%20A32.20%2C%20A32.50%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20A32.20%2C%20A32.50%2C%20A32.60%20&color=brighgreen)
 ![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Improper%20Neutralization%20of%20Input%20During%20Web%20Page%20Generation%20('Cross-site%20Scripting')&color=brighgreen)
 
 ### Description
 
-Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.20 (b600 andabove), A32.50 (b430 andabove), A32.60 (b250 andabove)
+Improper input validation in Algosec FireFlow VisualFlow workflow editor via Name, Description and Configuration File field in version A32.20, A32.50, A32.60 permits an attacker to initiate an XSS attack by injecting malicious executable scripts into the application's code. Fixed in version A32.20 (b600 and above), A32.50 (b430 and above), A32.60 (b250 and above)
 
 ### POC
 

2023/CVE-2023-46980.md

@@ -11,6 +11,7 @@ An issue in Best Courier Management System v.1.0 allows a remote attacker to exe
 
 #### Reference
 - https://github.com/sajaljat/CVE-2023-46980/tree/main
+- https://youtu.be/3Mz2lSElg7Y
 
 #### Github
 - https://github.com/nomi-sec/PoC-in-GitHub

2023/CVE-2023-47218.md

@@ -13,7 +13,7 @@ An OS command injection vulnerability has been reported to affect several QNAP o
 ### POC
 
 #### Reference
-No PoCs from references.
+- https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/
 
 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds

2023/CVE-2023-50356.md

@@ -5,7 +5,7 @@
 
 ### Description
 
-SSL connections to NOVELL and Synology LDAP server are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login.
+SSL connections to some LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from login.
 
 ### POC
 

2024/CVE-2024-24386.md

@@ -0,0 +1,18 @@
+### [CVE-2024-24386](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24386)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue in VitalPBX v.3.2.4-5 allows an attacker to execute arbitrary code via a crafted payload to the /var/lib/vitalpbx/scripts folder.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/erick-duarte/CVE-2024-24386
+- https://github.com/nomi-sec/PoC-in-GitHub
+

2024/CVE-2024-25301.md

@@ -0,0 +1,17 @@
+### [CVE-2024-25301](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25301)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Redaxo v5.15.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /pages/templates.php.
+
+### POC
+
+#### Reference
+- https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459
+
+#### Github
+No PoCs found on GitHub currently.
+

references.txt

@@ -76659,6 +76659,7 @@ CVE-2022-25854 - https://bsg.tech/blog/cve-2022-25854-stored-xss-in-yaireo-tagif
 CVE-2022-25855 - https://security.snyk.io/vuln/SNYK-JS-CREATECHOOAPP3-3157951
 CVE-2022-25858 - https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949722
 CVE-2022-25858 - https://snyk.io/vuln/SNYK-JS-TERSER-2806366
+CVE-2022-2586 - https://ubuntu.com/security/notices/USN-5560-2
 CVE-2022-2586 - https://ubuntu.com/security/notices/USN-5562-1
 CVE-2022-2586 - https://www.openwall.com/lists/oss-security/2022/08/09/5
 CVE-2022-25860 - https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3177391
@@ -76680,6 +76681,7 @@ CVE-2022-25875 - https://snyk.io/vuln/SNYK-JS-SVELTE-2931080
 CVE-2022-25876 - https://snyk.io/vuln/SNYK-JS-LINKPREVIEWJS-2933520
 CVE-2022-25878 - https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2841507
 CVE-2022-25878 - https://snyk.io/vuln/SNYK-JS-PROTOBUFJS-2441248
+CVE-2022-2588 - https://ubuntu.com/security/notices/USN-5560-2
 CVE-2022-2588 - https://ubuntu.com/security/notices/USN-5562-1
 CVE-2022-2588 - https://www.openwall.com/lists/oss-security/2022/08/09/6
 CVE-2022-25881 - https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-3253332
@@ -86681,6 +86683,7 @@ CVE-2023-46978 - https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLI
 CVE-2023-46979 - https://github.com/shinypolaris/vuln-reports/blob/master/TOTOLINK%20X6000R/2/README.md
 CVE-2023-4698 - https://huntr.dev/bounties/e1107d79-1d63-4238-90b7-5cc150512654
 CVE-2023-46980 - https://github.com/sajaljat/CVE-2023-46980/tree/main
+CVE-2023-46980 - https://youtu.be/3Mz2lSElg7Y
 CVE-2023-46981 - https://github.com/JunFengDeng/Cve-List/blob/main/novel-plus/20231027/vuln/readme.md
 CVE-2023-46987 - https://blog.csdn.net/weixin_72610998/article/details/133420747?spm=1001.2014.3001.5501
 CVE-2023-46992 - https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md
@@ -86698,6 +86701,7 @@ CVE-2023-4714 - http://packetstormsecurity.com/files/174446/PlayTube-3.0.1-Infor
 CVE-2023-47171 - https://talosintelligence.com/vulnerability_reports/TALOS-2023-1869
 CVE-2023-4720 - https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad
 CVE-2023-4721 - https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc
+CVE-2023-47218 - https://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed/
 CVE-2023-4722 - https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830
 CVE-2023-47249 - https://github.com/InternationalColorConsortium/DemoIccMAX/issues/54
 CVE-2023-47250 - http://packetstormsecurity.com/files/175949/m-privacy-TightGate-Pro-Code-Execution-Insecure-Permissions.html
@@ -87859,6 +87863,7 @@ CVE-2024-25218 - https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20
 CVE-2024-25220 - https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%202.md
 CVE-2024-25222 - https://github.com/BurakSevben/CVEs/blob/main/Task%20Manager%20App/Task%20Manager%20App%20-%20SQL%20Injection%20-%201.md
 CVE-2024-25300 - https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-REDAXO/XSS.md
+CVE-2024-25301 - https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2021-39459
 CVE-2024-25302 - https://github.com/tubakvgc/CVE/blob/main/Event_Student_Attendance_System.md
 CVE-2024-25304 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20SQL%20Injection%20-2.md
 CVE-2024-25305 - https://github.com/tubakvgc/CVEs/blob/main/Simple%20School%20Management%20System/Simple%20School%20Managment%20System%20-%20Authentication%20Bypass.md