Security Vulnerabilities - CVEs Published In October 2024
The devices are vulnerable to session hijacking due to insufficient
entropy in its session ID generation algorithm. The session IDs are
predictable, with only 32,768 possible values per user, which allows
attackers to pre-generate valid session IDs, leading to unauthorized
access to user sessions. This is not only due to the use of an
(insecure) rand() function call but also because of missing
initialization via srand(). As a result only the PIDs are effectively
used as seed.
CVSS Score
9.8
EPSS Score
0.004
Published
2024-10-15
Enterprise Cloud Database from Ragic does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files.
CVSS Score
7.5
EPSS Score
0.007
Published
2024-10-15
Enterprise Cloud Database from Ragic does not authenticate access to specific functionality, allowing unauthenticated remote attackers to use this functionality to obtain any user's session cookie.
CVSS Score
9.8
EPSS Score
0.019
Published
2024-10-15
Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. Attackers with regular privileges can upload a webshell and use it to execute arbitrary code on the remote server.
CVSS Score
10.0
EPSS Score
0.005
Published
2024-10-15
The Smart Online Order for Clover plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's moo_receipt_link shortcode in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
CVSS Score
6.4
EPSS Score
0.004
Published
2024-10-15
SQL injection vulnerability in TAI Smart Factory's QPLANT SF version 1.0. Exploitation of this vulnerability could allow a remote attacker to retrieve all database information by sending a specially crafted SQL query to the ‘email’ parameter on the ‘RequestPasswordChange’ endpoint.
CVSS Score
9.8
EPSS Score
0.01
Published
2024-10-15
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents.
CVSS Score
8.8
EPSS Score
0.017
Published
2024-10-15
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server.
CVSS Score
8.8
EPSS Score
0.052
Published
2024-10-15
SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved when processing crafted HTTP requests.
CVSS Score
8.6
EPSS Score
0.01
Published
2024-10-15
NVIDIA NeMo contains a vulnerability in SaveRestoreConnector where a user may cause a path traversal issue via an unsafe .tar file extraction. A successful exploit of this vulnerability may lead to code execution and data tampering.
CVSS Score
6.3
EPSS Score
0.001
Published
2024-10-15