Jose Alexis Correa Valencia, Author at AlterPlex

9 Mar 2025

CVE-2025-2113

Título es
CVE-2025-2113

Dom, 09/03/2025 – 03:15

Tipo
CWE-74

Gravedad v2.0
7.50

Gravedad 2.0 Txt
HIGH

Título en

CVE-2025-2113

Descripción en
A vulnerability was found in AT Software Solutions ATSVD up to 3.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Esqueceu a senha. The manipulation of the argument txtCPF leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.4.2 is able to address this issue. It is recommended to upgrade the affected component.

09/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vector CVSS:2.0
AV:N/AC:L/Au:N/C:P/I:P/A:P

Gravedad 4.0
6.90

Gravedad 4.0 txt
MEDIUM

Gravedad 3.1 (CVSS 3.1 Base Score)
7.30

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://github.com/yago3008/cves

https://vuldb.com/?ctiid_299006=

https://vuldb.com/?id_299006=

https://vuldb.com/?submit_506341=

Enviar en el boletín
Off

9 Mar 2025

CVE-2025-2114

Título es
CVE-2025-2114

Dom, 09/03/2025 – 05:15

Tipo
CWE-266

Gravedad v2.0
2.60

Gravedad 2.0 Txt
LOW

Título en

CVE-2025-2114

Descripción en
A vulnerability, which was classified as problematic, has been found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 7. This issue affects some unknown processing of the file /WebPages/Adm/OperatorStop.asp of the component Reset Password Interface. The manipulation of the argument OperId leads to improper authorization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

09/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Vector CVSS:2.0
AV:N/AC:H/Au:N/C:P/I:N/A:N

Gravedad 4.0
6.30

Gravedad 4.0 txt
MEDIUM

Gravedad 3.1 (CVSS 3.1 Base Score)
3.70

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
LOW

Referencias

https://github.com/zhangbuneng/an-arbitrary-user-password-reset-vulnerability-in-the-Sixun-Shanghui-7-Group/issues/1#issue-2877317082

https://vuldb.com/?ctiid_299009=

https://vuldb.com/?id_299009=

https://vuldb.com/?submit_506591=

Enviar en el boletín
Off

8 Mar 2025

CVE-2025-27840

Título es
CVE-2025-27840

Sáb, 08/03/2025 – 20:15

Tipo
CWE-912

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2025-27840

Descripción en
Espressif ESP32 chips allow 29 hidden HCI commands, such as 0xFC02 (Write memory).

08/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:L

Gravedad 3.1 (CVSS 3.1 Base Score)
6.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://github.com/TarlogicSecurity/Talks/blob/main/2025_RootedCon_BluetoothTools.pdf

https://reg.rootedcon.com/cfp/schedule/talk/5

https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/

https://www.tarlogic.com/news/backdoor-esp32-chip-infect-ot-devices/

https://x.com/pascal_gujer/status/1898442439704158276

Enviar en el boletín
Off

8 Mar 2025

CVE-2025-2112

Título es
CVE-2025-2112

Sáb, 08/03/2025 – 22:15

Tipo
CWE-74

Gravedad v2.0
6.50

Gravedad 2.0 Txt
MEDIUM

Título en

CVE-2025-2112

Descripción en
A vulnerability was found in user-xiangpeng yaoqishan up to a47fec4a31cbd13698c592dfdc938c8824dd25e4. It has been declared as critical. Affected by this vulnerability is the function getMediaLisByFilter of the file cn/javaex/yaoqishan/service/media_info/MediaInfoService.java. The manipulation of the argument typeId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

08/03/2025

Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Vector CVSS:2.0
AV:N/AC:L/Au:S/C:P/I:P/A:P

Gravedad 4.0
5.30

Gravedad 4.0 txt
MEDIUM

Gravedad 3.1 (CVSS 3.1 Base Score)
6.30

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://github.com/xiaolian-11/code_demo/blob/main/yaoqishan-sql.md

https://vuldb.com/?ctiid_299005=

https://vuldb.com/?id_299005=

https://vuldb.com/?submit_506085=

Enviar en el boletín
Off

8 Mar 2025

CVE-2023-52968

Título es
CVE-2023-52968

Sáb, 08/03/2025 – 23:15

Tipo
CWE-696

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2023-52968

Descripción en
MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 before 10.11.7, 11.0 before 11.0.5, and 11.1 before 11.1.4 calls fix_fields_if_needed under mysql_derived_prepare when derived is not yet prepared, leading to a find_field_in_table crash.

09/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
4.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://jira.mariadb.org/browse/MDEV-32082

Enviar en el boletín
Off

8 Mar 2025

CVE-2023-52971

Título es
CVE-2023-52971

Sáb, 08/03/2025 – 23:15

Tipo
CWE-1038

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2023-52971

Descripción en
MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_plan.

09/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
4.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://jira.mariadb.org/browse/MDEV-32084

Enviar en el boletín
Off

8 Mar 2025

CVE-2023-52970

Título es
CVE-2023-52970

Sáb, 08/03/2025 – 23:15

Tipo
CWE-1038

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2023-52970

Descripción en
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.

09/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
4.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://jira.mariadb.org/browse/MDEV-32086

Enviar en el boletín
Off

8 Mar 2025

CVE-2023-52969

Título es
CVE-2023-52969

Sáb, 08/03/2025 – 23:15

Tipo
CWE-1038

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2023-52969

Descripción en
MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0.* can sometimes crash with an empty backtrace log. This may be related to make_aggr_tables_info and optimize_stage2.

09/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
4.90

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://jira.mariadb.org/browse/MDEV-32083

Enviar en el boletín
Off

8 Mar 2025

CVE-2024-11640

Título es
CVE-2024-11640

Sáb, 08/03/2025 – 12:15

Tipo
CWE-352

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-11640

Descripción en
The VikRentCar Car Rental Management System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4.2. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for unauthenticated attackers to change plugin access privileges via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Successful exploitation allows attackers with subscriber-level privileges and above to upload arbitrary files on the affected site's server which may make remote code execution possible.

08/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)
8.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH

Referencias

https://plugins.trac.wordpress.org/changeset/3225040/vikrentcar

https://www.wordfence.com/threat-intel/vulnerabilities/id/4a4c085a-1601-4c1a-ac17-0f2cf5d02489?source=cve

Enviar en el boletín
Off

8 Mar 2025

CVE-2024-13675

Título es
CVE-2024-13675

Sáb, 08/03/2025 – 12:15

Tipo
CWE-79

Gravedad 2.0 Txt
Pendiente de análisis

Título en

CVE-2024-13675

Descripción en
The SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the "Icon List" Block in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

08/03/2025

Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)
6.40

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM

Referencias

https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3251693%40slingblocks&new=3251693%40slingblocks#file5

https://www.wordfence.com/threat-intel/vulnerabilities/id/f34904b5-3b3d-46d3-9e33-ef661d5f4149?source=cve

Enviar en el boletín
Off

Autor: Jose Alexis Correa Valencia