u32i/cve

Releases0

Details about some vulnerabilities I've discovered.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-25164 ↗	Mar 5, 2024Tuesday, 5 March 2024, 00:15	7.5 HIGH	—
iA Path Traversal vulnerability exists in iDURAR v2.0.0, that allows unauthenticated attackers to expose sensitive files via the download functionality.
CVE-2024-22836 ↗	Feb 8, 2024Thursday, 8 February 2024, 20:15	9.8 CRITICAL	—
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can manipulate the company locale when installing an app to execute system commands on the hosting server.