Updated by CVEDB-BOT 🤖

CVELab · Nov 8, 2024 · 7121aa9 · 7121aa9
1 parent bc47edd
commit 7121aa9
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/db/cve.sqlite b/db/cve.sqlite
diff --git a/docs/README.md b/docs/README.md
@@ -2,7 +2,7 @@
 
 > Automatic monitor github cve using Github Actions 
 
- Last generated : 2024-11-08 11:19:05.669631
+ Last generated : 2024-11-08 12:45:32.755539
 
 | CVE | Name | Description | Date |
 |---|---|---|---|
@@ -314,6 +314,7 @@
 | [CVE-2024-51378](https://www.cve.org/CVERecord?id=CVE-2024-51378) | [refr4g/CVE-2024-51378](https://github.com/refr4g/CVE-2024-51378) | no description | 2024-10-29T23:34:27Z|
 | [CVE-2024-51358](https://www.cve.org/CVERecord?id=CVE-2024-51358) | [Kov404/CVE-2024-51358](https://github.com/Kov404/CVE-2024-51358) | no description | 2024-11-02T14:55:00Z|
 | [CVE-2024-5124](https://www.cve.org/CVERecord?id=CVE-2024-5124) | [gogo2464/CVE-2024-5124](https://github.com/gogo2464/CVE-2024-5124) | no description | 2024-10-30T09:53:42Z|
+| [CVE-2024-51179](https://www.cve.org/CVERecord?id=CVE-2024-51179) | [Lakshmirnr/CVE-2024-51179](https://github.com/Lakshmirnr/CVE-2024-51179) | no description | 2024-11-08T11:47:07Z|
 | [CVE-2024-51136](https://www.cve.org/CVERecord?id=CVE-2024-51136) | [JAckLosingHeart/CVE-2024-51136-POC](https://github.com/JAckLosingHeart/CVE-2024-51136-POC) | no description | 2024-11-05T02:04:01Z|
 | [CVE-2024-51132](https://www.cve.org/CVERecord?id=CVE-2024-51132) | [JAckLosingHeart/CVE-2024-51132-POC](https://github.com/JAckLosingHeart/CVE-2024-51132-POC) | no description | 2024-11-02T14:30:29Z|
 | [CVE-2024-51032](https://www.cve.org/CVERecord?id=CVE-2024-51032) | [Shree-Chandragiri/CVE-2024-51032](https://github.com/Shree-Chandragiri/CVE-2024-51032) | A Cross-site Scripting (XSS) vulnerability in manage_recipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the &quot;owner&quot; input field. | 2024-11-05T20:41:15Z|
@@ -334,6 +335,8 @@
 | [CVE-2024-50478](https://www.cve.org/CVERecord?id=CVE-2024-50478) | [RandomRobbieBF/CVE-2024-50478](https://github.com/RandomRobbieBF/CVE-2024-50478) | 1-Click Login: Passwordless Authentication 1.4.5 - Authentication Bypass via Account Takeover | 2024-11-05T22:04:55Z|
 | [CVE-2024-50476](https://www.cve.org/CVERecord?id=CVE-2024-50476) | [RandomRobbieBF/CVE-2024-50476](https://github.com/RandomRobbieBF/CVE-2024-50476) | GRÜN spendino Spendenformular &lt;= 1.0.1 - Unauthenticated Arbitrary Options Update | 2024-11-04T09:30:36Z|
 | [CVE-2024-50475](https://www.cve.org/CVERecord?id=CVE-2024-50475) | [RandomRobbieBF/CVE-2024-50475](https://github.com/RandomRobbieBF/CVE-2024-50475) | Signup Page &lt;= 1.0 - Unauthenticated Arbitrary Options Update | 2024-11-04T10:46:46Z|
+| [CVE-2024-50450](https://www.cve.org/CVERecord?id=CVE-2024-50450) | [RandomRobbieBF/CVE-2024-50450](https://github.com/RandomRobbieBF/CVE-2024-50450) | WordPress Meta Data and Taxonomies Filter (MDTF) &lt;= 1.3.3.4 - Unauthenticated Arbitrary Shortcode Execution | 2024-11-08T11:24:16Z|
+| [CVE-2024-50427](https://www.cve.org/CVERecord?id=CVE-2024-50427) | [RandomRobbieBF/CVE-2024-50427](https://github.com/RandomRobbieBF/CVE-2024-50427) | SurveyJS: Drag &amp; Drop WordPress Form Builder &lt;= 1.9.136 - Authenticated (Subscriber+) Arbitrary File Upload | 2024-11-08T12:24:06Z|
 | [CVE-2024-50340](https://www.cve.org/CVERecord?id=CVE-2024-50340) | [Nyamort/CVE-2024-50340](https://github.com/Nyamort/CVE-2024-50340) | no description | 2024-11-06T21:24:43Z|
 | [CVE-2024-5009](https://www.cve.org/CVERecord?id=CVE-2024-5009) | [sinsinology/CVE-2024-5009](https://github.com/sinsinology/CVE-2024-5009) | Exploit for CVE-2024-5009 | 2024-07-08T12:15:29Z|
 | [CVE-2024-5009](https://www.cve.org/CVERecord?id=CVE-2024-5009) | [th3gokul/CVE-2024-5009](https://github.com/th3gokul/CVE-2024-5009) | CVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation | 2024-07-09T16:56:49Z|
@@ -15370,6 +15373,7 @@
 | [CVE-2019-12497](https://www.cve.org/CVERecord?id=CVE-2019-12497) | [Live-Hack-CVE/CVE-2019-12497](https://github.com/Live-Hack-CVE/CVE-2019-12497) | An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents (e.g., Name and mail address) can be disclosed in external notes. CVE project by @Sn0wAlice | 2023-01-20T17:55:15Z|
 | [CVE-2019-12461](https://www.cve.org/CVERecord?id=CVE-2019-12461) | [emrekara369/cve-2019-12461](https://github.com/emrekara369/cve-2019-12461) | no description | 2022-06-08T16:20:44Z|
 | [CVE-2019-1246](https://www.cve.org/CVERecord?id=CVE-2019-1246) | [emrekara369/cve-2019-1246](https://github.com/emrekara369/cve-2019-1246) | no description | 2022-06-08T16:20:34Z|
+| [CVE-2019-12422](https://www.cve.org/CVERecord?id=CVE-2019-12422) | [BaiHLiu/RuoYI-4.2-Shiro-721-Docker-PoC](https://github.com/BaiHLiu/RuoYI-4.2-Shiro-721-Docker-PoC) | 若依4.2 (Shiro 1.4.1) Shiro-721 (CVE-2019-12422)漏洞复现环境 | 2024-11-08T12:30:13Z|
 | [CVE-2019-12416](https://www.cve.org/CVERecord?id=CVE-2019-12416) | [Live-Hack-CVE/CVE-2019-12416](https://github.com/Live-Hack-CVE/CVE-2019-12416) | we got reports for 2 injection attacks against the DeltaSpike windowhandler.js. This is only active if a developer selected the ClientSideWindowStrategy which is not the default. CVE project by @Sn0wAlice | 2023-01-20T17:54:20Z|
 | [CVE-2019-12384](https://www.cve.org/CVERecord?id=CVE-2019-12384) | [MagicZer0/Jackson_RCE-CVE-2019-12384](https://github.com/MagicZer0/Jackson_RCE-CVE-2019-12384) | CVE-2019-12384 漏洞测试环境 | 2019-07-26T03:24:38Z|
 | [CVE-2019-12384](https://www.cve.org/CVERecord?id=CVE-2019-12384) | [akabe1/kr00ker](https://github.com/akabe1/kr00ker) | An experimental script PoC for Kr00k vulnerability (CVE-2019-15126) | 2020-03-18T16:25:28Z|