Lista CVE 2024/9xxx

CVE nel gruppo: 9xxx

CVE-2024-9000 (N/A)

CVE-2024-9001 (Improper Authorization and Duplicate Slug Vulnerability in lunary-ai/lunary)

CVE-2024-9002 (TOTOLINK T10 cstecgi.cgi setTracerouteCfg os command injection)

CVE-2024-9003 (N/A)

CVE-2024-9004 (Jinan Chicheng Company JFlow Attachment EntityMutliFile_Load.do AttachmentUploadController access control)

CVE-2024-9005 (D-Link DAR-7000 Backup_Server_commit.php os command injection)

CVE-2024-9006 (N/A)

CVE-2024-9007 (jeanmarc77 123solar config_invt1.php code injection)

CVE-2024-9008 (jeanmarc77 123solar detailed.php cross site scripting)

CVE-2024-9009 (SourceCodester Best Online News Portal Comment Section news-details.php sql injection)

CVE-2024-9010 (code-projects Online Quiz Site showtest.php sql injection)

CVE-2024-9011 (N/A)

CVE-2024-9014 (code-projects Crud Operation System updata.php sql injection)

CVE-2024-9015 (OAuth2 client id and secret exposed through the web browser in pgAdmin 4)

CVE-2024-9016 (N/A)

CVE-2024-9018 (Unauthenticated Remote Command Execution in man-group/dtale)

CVE-2024-9019 (WP Easy Gallery <= 4.8.5 - Authenticated (Contributor+) SQL Injection via key Parameter)

CVE-2024-9020 (SecuPress Free — WordPress Security <= 2.2.5.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via secupress_check_ban_ips_form Shortcode)

CVE-2024-9021 (List category posts < 0.90.3 - Author+ Stored XSS)

CVE-2024-9022 (Relevanssi < 4.23.1 - Contributor+ Stored XSS)