Merge pull request #1211 from e-m-b-a/packetstorm_update

Packetstorm database update
e-m-b-a · Jun 30, 2024 · 51bf4bc · 51bf4bc
2 parents 73b8b72 + 4f4cbc7
commit 51bf4bc
Showing 1 changed file with 8 additions and 0 deletions.
diff --git a/config/PS_PoC_results.csv b/config/PS_PoC_results.csv
@@ -10273,6 +10273,7 @@ CVE-2024-27747;Petrol Pump Management System 1.0 Shell Upload;https://packetstor
 CVE-2024-27815;TURPENTINE XNU Kernel Buffer Overflow;https://packetstormsecurity.com/files/179172/TURPENTINE-XNU-Kernel-Buffer-Overflow.html;unknown
 CVE-2024-28085;util linux wall Escape Sequence Injection;https://packetstormsecurity.com/files/177840/util-linux-wall-Escape-Sequence-Injection.html;unknown
 CVE-2024-28121;StimulusReflex 3.5.0 Arbitrary Code Execution;https://packetstormsecurity.com/files/177595/StimulusReflex-3.5.0-Arbitrary-Code-Execution.html;unknown
+CVE-2024-28147;Edu Sharing Arbitrary File Upload;https://packetstormsecurity.com/files/179199/Edu-Sharing-Arbitrary-File-Upload.html;unknown
 CVE-2024-28320;Hospital Management System 1.0 Insecure Direct Object Reference Account Takeover;https://packetstormsecurity.com/files/177326/Hospital-Management-System-1.0-Insecure-Direct-Object-Reference-Account-Takeover.html;unknown
 CVE-2024-28595;Employee Management System 1.0 SQL Injection;https://packetstormsecurity.com/files/177681/Employee-Management-System-1.0-SQL-Injection.html;remote
 CVE-2024-28635;SurveyJS Survey Creator 1.9.132 Cross Site Scripting;https://packetstormsecurity.com/files/177658/SurveyJS-Survey-Creator-1.9.132-Cross-Site-Scripting.html;unknown
@@ -10281,6 +10282,7 @@ CVE-2024-28735;Financials By Coda Authorization Bypass;https://packetstormsecuri
 CVE-2024-28736;Debezium UI 2.5 Credential Disclosure;https://packetstormsecurity.com/files/178794/Debezium-UI-2.5-Credential-Disclosure.html;unknown
 CVE-2024-28741;NorthStar C2 Agent 1.0 Cross Site Scripting Remote Command Execution;https://packetstormsecurity.com/files/177542/NorthStar-C2-Agent-1.0-Cross-Site-Scripting-Remote-Command-Execution.html;unknown
 CVE-2024-2891;Xbox GamingService Arbitrary Folder Move;https://packetstormsecurity.com/files/177712/Xbox-GamingService-Arbitrary-Folder-Move.html;unknown
+CVE-2024-28999;SolarWinds Platform 2024.1 SR1 Race Condition;https://packetstormsecurity.com/files/179214/SolarWinds-Platform-2024.1-SR1-Race-Condition.html;unknown
 CVE-2024-29291;Laravel Framework 11 Credential Disclosure;https://packetstormsecurity.com/files/178210/Laravel-Framework-11-Credential-Disclosure.html;unknown
 CVE-2024-29301;Task Management System 1.0 SQL Injection;https://packetstormsecurity.com/files/177737/Task-Management-System-1.0-SQL-Injection.html;remote
 CVE-2024-29302;Task Management System 1.0 SQL Injection;https://packetstormsecurity.com/files/177737/Task-Management-System-1.0-SQL-Injection.html;remote
@@ -10329,14 +10331,19 @@ CVE-2024-34241;Rocket LMS 1.9 Cross Site Scripting;https://packetstormsecurity.c
 CVE-2024-34481;Drupal Wiki 8.31 8.30 Cross Site Scripting;https://packetstormsecurity.com/files/178487/Drupal-Wiki-8.31-8.30-Cross-Site-Scripting.html;unknown
 CVE-2024-34724;PowerVR _UnrefAndMaybeDestroy Use After Free;https://packetstormsecurity.com/files/178647/PowerVR-_UnrefAndMaybeDestroy-Use-After-Free.html;unknown
 CVE-2024-34833;Payroll Management System 1.0 Remote Code Execution;https://packetstormsecurity.com/files/179106/Payroll-Management-System-1.0-Remote-Code-Execution.html;remote
+CVE-2024-36495;Faronics WINSelect Hardcoded Credentials Bad Permissions Unhashed Password;https://packetstormsecurity.com/files/179205/Faronics-WINSelect-Hardcoded-Credentials-Bad-Permissions-Unhashed-Password.html;unknown
+CVE-2024-36496;Faronics WINSelect Hardcoded Credentials Bad Permissions Unhashed Password;https://packetstormsecurity.com/files/179205/Faronics-WINSelect-Hardcoded-Credentials-Bad-Permissions-Unhashed-Password.html;unknown
+CVE-2024-36497;Faronics WINSelect Hardcoded Credentials Bad Permissions Unhashed Password;https://packetstormsecurity.com/files/179205/Faronics-WINSelect-Hardcoded-Credentials-Bad-Permissions-Unhashed-Password.html;unknown
 CVE-2024-36597;AEGON LIFE 1.0 SQL Injection;https://packetstormsecurity.com/files/179086/AEGON-LIFE-1.0-SQL-Injection.html;remote
 CVE-2024-36598;AEGON LIFE 1.0 Remote Code Execution;https://packetstormsecurity.com/files/179087/AEGON-LIFE-1.0-Remote-Code-Execution.html;remote
 CVE-2024-36599;AEGON LIFE 1.0 Cross Site Scripting;https://packetstormsecurity.com/files/179088/AEGON-LIFE-1.0-Cross-Site-Scripting.html;unknown
 CVE-2024-36840;Boelter Blue System Management 1.3 SQL Injection;https://packetstormsecurity.com/files/178978/Boelter-Blue-System-Management-1.3-SQL-Injection.html;remote
+CVE-2024-37032;Ollama Remote Code Execution;https://packetstormsecurity.com/files/179218/Ollama-Remote-Code-Execution.html;remote
 CVE-2024-37856;Lost And Found Information System 1.0 Cross Site Scripting;https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html;unknown
 CVE-2024-37857;Lost And Found Information System 1.0 SQL Injection;https://packetstormsecurity.com/files/179080/Lost-And-Found-Information-System-1.0-SQL-Injection.html;remote
 CVE-2024-37858;Lost And Found Information System 1.0 SQL Injection;https://packetstormsecurity.com/files/179079/Lost-And-Found-Information-System-1.0-SQL-Injection.html;remote
 CVE-2024-37859;Lost And Found Information System 1.0 Cross Site Scripting;https://packetstormsecurity.com/files/179081/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html;unknown
+CVE-2024-39248;SimpCMS 0.1 Cross Site Scripting;https://packetstormsecurity.com/files/179219/SimpCMS-0.1-Cross-Site-Scripting.html;unknown
 CVE-2024-4293;Doctor Appointment Management System 1.0 Cross Site Scripting;https://packetstormsecurity.com/files/178303/Doctor-Appointment-Management-System-1.0-Cross-Site-Scripting.html;unknown
 CVE-2024-4348;osCommerce 4 Cross Site Scripting;https://packetstormsecurity.com/files/178375/osCommerce-4-Cross-Site-Scripting.html;unknown
 CVE-2024-4577;PHP Remote Code Execution;https://packetstormsecurity.com/files/179085/PHP-Remote-Code-Execution.html;remote
@@ -10346,3 +10353,4 @@ CVE-2024-5411;ORing IAP 420 2.01e Cross Site Scripting Command Injection;https:/
 CVE-2024-5420;SEH utnserver Pro ProMAX INU 100 20.1.22 XSS DoS File Disclosure;https://packetstormsecurity.com/files/178999/SEH-utnserver-Pro-ProMAX-INU-100-20.1.22-XSS-DoS-File-Disclosure.html;DoS
 CVE-2024-5421;SEH utnserver Pro ProMAX INU 100 20.1.22 XSS DoS File Disclosure;https://packetstormsecurity.com/files/178999/SEH-utnserver-Pro-ProMAX-INU-100-20.1.22-XSS-DoS-File-Disclosure.html;DoS
 CVE-2024-5422;SEH utnserver Pro ProMAX INU 100 20.1.22 XSS DoS File Disclosure;https://packetstormsecurity.com/files/178999/SEH-utnserver-Pro-ProMAX-INU-100-20.1.22-XSS-DoS-File-Disclosure.html;DoS
+CVE-2024-5676;Paradox IP150 Internet Module 1.40.00 Cross Site Request Forgery;https://packetstormsecurity.com/files/179182/Paradox-IP150-Internet-Module-1.40.00-Cross-Site-Request-Forgery.html;unknown