jeanmarc77 123solar 1.8.4.5 /detailed.php date1 Kusala-sala na site ya nkaka
| CVSS Meta Temp Score | Nsengo ya exploit ya lelo (≈) | CTI Ntangu ya mfunu |
|---|---|---|
| 3.3 | $0-$5k | 0.00 |
Kinsantu
Bikuma kele ti mpasi me mona mu jeanmarc77 123solar 1.8.4.5. Kuna mambu meyina mpila kisalu kayina kumanyikana ya file /detailed.php. Bila kusala ya argument date1 me natisa Kusala-sala na site ya nkaka. Kikosa yai me zaba bonso CVE-2024-9007. Ke luyalu ya ku tuma ataaka na nsinga. Na yina, exploit kele. Kusambisiwa kusalakana kusala patch yina ku lenda sadila na kulungisa nitu yai. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Bisalu
Bikuma kele ti mpasi me mona mu jeanmarc77 123solar 1.8.4.5. Kuna mambu meyina mpila kisalu kayina kumanyikana ya file /detailed.php. Bila kusala ya argument date1 me natisa Kusala-sala na site ya nkaka. Kusala nde CWE yina tubaka mpasi kele na CWE-79. Nsangu ya bulema yawu zabisamaka bonso 73. Nsangu ya kulanga me sambu na downloadi na github.com.
Kikosa yai me zaba bonso CVE-2024-9007. Ke luyalu ya ku tuma ataaka na nsinga. Makambu ya tekiniki me zala. Nswa yai kele na kutemwa ya nse ya ya mosi. Na yina, exploit kele. Kusadila kwawu kwazwisisamene na bantu bonso mpi lenda salama na bantu. Ntangu yai, ntalu ya exploit ekoki kozala pene na USD $0-$5k.
Ke luyalu ya ku tula exploit na github.com.
Zina ya patch kele 94bf9ab7ad0ccb7fbdc02f172f37f0e2ea08d48f. Bugfix me sala ve, o lenda zwa yango na github.com. Kusambisiwa kusalakana kusala patch yina ku lenda sadila na kulungisa nitu yai.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Mpiodi
Mubikisi
Dzina
Nsomi
Lisansi
Nseke ya Internet
CPE 2.3
CPE 2.2
CVSSv4
VulDB Nsinga: 🔍VulDB Kukwama: 🔍
CVSSv3
VulDB Meta Base Score: 3.5VulDB Meta Temp Score: 3.3
VulDB Nsinga ya ntete: 3.5
VulDB Nsangu ya ntangu: 3.2
VulDB Nsinga: 🔍
VulDB Kukwama: 🔍
CNA Nsinga ya ntete: 3.5
CNA Nsinga: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vɛkɛtɛr | Kompɛlɛksite | Kukanga ya kimvuka | Kibombama | Kumweneka ya kieleka | Kupusana |
|---|---|---|---|---|---|
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
VulDB Nsinga ya ntete: 🔍
VulDB Nsangu ya ntangu: 🔍
VulDB Kukwama: 🔍
Kusangula
Kilasi: Kusala-sala na site ya nkakaCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Ya nitu: Veve
Ya mboka: Veve
Ya kutali: Ee
Kupusana: 🔍
Mokano: Ya pole
Bika: Lufutuka ya lufutuka
Kokanga: 🔍
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Ntangu ya mbongo: 🔍
Nsadisi ya ntalu ya lelo: 🔍
| 0-Day | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
|---|---|---|---|---|
| Lelo | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
Nsangu ya Minyoka
Mfunu: 🔍Batu bazali na misala: 🔍
Bampangi ya APT bazali na misala ya ntango nyonso: 🔍
Bikesa ya kulwisa
Tombwisa: PatchBika: 🔍
Tango ya 0-Day: 🔍
Patch: 94bf9ab7ad0ccb7fbdc02f172f37f0e2ea08d48f
Nsango ya ntangu
09/19/2024 🔍09/19/2024 🔍
03/09/2025 🔍
Minsinsa
Mpiodi: github.comTiyano: 73
Bika: Kibutukidi
Kikakula: 🔍
CVE: CVE-2024-9007 (🔍)
GCVE (CVE): GCVE-0-2024-9007
GCVE (VulDB): GCVE-100-278163
scip Labs: https://www.scip.ch/en/?labs.20161013
Kusonika
Kusala: 09/19/2024 18:00Kusala kisalu kipya: 03/09/2025 20:08
Bisalu: 09/19/2024 18:00 (60), 09/20/2024 12:46 (19), 03/09/2025 20:08 (3)
Keleka nyonso: 🔍
Mutumisi: hejiasheng
Cache ID: 253:072:103
Tumela
Kabulami
- Tumela #408299: 123Solar 1.8.4.5 Cross Site Scripting (kuva hejiasheng)
Ata beto na ndinga. Minu dia: kg + ln + en.
Benga na kati na site mpo na kokoka kosala ndakisa.