CVE-2024-22144 : ELI SCHEETZ ANTI-MALWARE SECURITY AND BRUTE-FORCE FIREWALL PLUGIN CODE INJECTION

Description

Improper Control of Generation of Code (‘Code Injection’) vulnerability in Eli Scheetz Anti-Malware Security and Brute-Force Firewall gotmls allows Code Injection.This issue affects Anti-Malware Security and Brute-Force Firewall: from n/a through 4.21.96.

References

https://patchstack.com/database/vulnerability/gotmls/wordpress-anti-malware-security-and-brute-force-firewall-plugin-4-21-96-unauthenticated-predictable-nonce-brute-force-leading-to-rce-vulnerability

https://sec.stealthcopter.com/cve-2024-22144/

https://patchstack.com/articles/critical-vulnerability-found-in-gotmls-plugin

For More Information

CVERecord

Contact us to get started

CVE-2024-49592 : MCAFEE TRIAL INSTALLER 16.0.53 ACCESS CONTROL

Description McAfee Trial Installer 16.0.53 has Incorrect Access Control that leads to Local Escalation of Privileges. References https://www.mcafee.com/support/s/article/000002516?language=en_US For More

Learn more

CVE-2024-10934 : OPENBSD UP TO 7.4 ERRATA 020/7.5 ERRATA 007 NFS CLIENT/NFS SERVER DOUBLE FREE

Description In OpenBSD 7.5 before errata 008 and OpenBSD 7.4 before errata 021, avoid possible mbuf double free in NFS

Learn more

CVE-2024-40638 : GLPI UP TO 10.0.16 SQL INJECTION

Description GLPI is a free asset and IT management software package. An authenticated user can exploit multiple SQL injection vulnerabilities.

Learn more