CVEDB API

Vulnerabilities

Vulnerable Software

Security Vulnerabilities - CVEs Published In August 2024

CVE-2024-43397

Apollo is a configuration management system. A vulnerability exists in the synchronization configuration feature that allows users to craft specific requests to bypass permission checks. This exploit enables them to modify a namespace without the necessary permissions. The issue was addressed with an input parameter check which was released in version 2.3.0.

CVSS Score

4.3

EPSS Score

0.001

Published

2024-08-20

CVE-2024-43404

MEGABOT is a fully customized Discord bot for learning and fun. The `/math` command and functionality of MEGABOT versions < 1.5.0 contains a remote code execution vulnerability due to a Python `eval()`. The vulnerability allows an attacker to inject Python code into the `expression` parameter when using `/math` in any Discord channel. This vulnerability impacts any discord guild utilizing MEGABOT. This vulnerability was fixed in release version 1.5.0.

CVSS Score

9.8

EPSS Score

0.043

Published

2024-08-20

CVE-2024-42605

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/edit_page.php?link_id=1

CVSS Score

8.8

EPSS Score

0.002

Published

2024-08-20

CVE-2024-42606

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_log.php?clear=1

CVSS Score

8.8

EPSS Score

0.002

Published

2024-08-20

CVE-2024-42607

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=database

CVSS Score

8.8

EPSS Score

0.003

Published

2024-08-20

CVE-2024-42609

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=avatars

CVSS Score

8.8

EPSS Score

0.002

Published

2024-08-20

CVE-2024-42610

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=files

CVSS Score

8.8

EPSS Score

0.003

Published

2024-08-20

CVE-2024-42611

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/admin_page.php?link_id=1&mode=delete

CVSS Score

8.8

EPSS Score

0.002

Published

2024-08-20

CVE-2024-42613

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=install&widget=akismet

CVSS Score

8.8

EPSS Score

0.002

Published

2024-08-20

CVE-2024-42616

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_widgets.php?action=remove&widget=Statistics

CVSS Score

8.8

EPSS Score

0.002

Published

2024-08-20

Prev Next

Page 90

Vulnerabilities

Vulnerable Software

Security Vulnerabilities - CVEs Published In August 2024

Products

Pricing

Contact Us