Test Blog - Cloud WAF

CVE-2024-39565 : JUNIPER NETWORKS JUNOS OS UP TO 23.4R1-S1J-WEB XPATH INJECTION

Description An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker…

Common Vulnerabilities and Exposures

CVE-2024-6624 : JSON API USER PLUGIN UP TO 3.9.3 ON WORDPRESS REMOTE CODE EXECUTION

Description The JSON API User plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 3.9.3. This is due to…

Common Vulnerabilities and Exposures

CVE-2024-37310 : EVEREST CORE PRIOR 2024.3.1/2024.6.0 V2G_SERVER.CPP V2G_INCOMING_V2GTP HEAP-BASED OVERFLOW

Description EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to…

Common Vulnerabilities and Exposures

CVE-2024-5910 : PALO ALTO NETWORKS EXPEDITION UP TO 1.2.91 MISSING AUTHENTICATION

Description Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access…

Common Vulnerabilities and Exposures

CVE-2024-37113 : MEMBERSHIP SOFTWARE WISHLIST MEMBER X PLUGIN UP TO 3.26.6 ON WORDPRESS INFORMATION DISCLOSURE

Description Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Membership Software WishList Member X.This issue affects WishList Member X: from n/a before 3.26.7.…

Common Vulnerabilities and Exposures

CVE-2024-3325 : JASPERSOFT JASPERREPORT SERVERS UP TO 9.0.0 PRIVILEGE ESCALATION

Description Vulnerability in Jaspersoft JasperReport Servers.This issue affects JasperReport Servers: from 8.0.4 through 9.0.0. References https://community.jaspersoft.com/advisories/jaspersoft-security-advisory-july-9-2024-jasperreports-server-cve-2024-3325-r4/ For More Information CVERecord