Web Application Detections—July 2024
In June, the Qualys Web Application Scanning (WAS) team issued a critical security signatures update. This update expands the scope to detect vulnerabilities in several widely-used software applications, including GeoServer, Progress MOVEit Transfer, JetBrains TeamCity, Apache Tomcat, Joomla, Splunk, Oracle WebLogic Server, ServiceNow, Apache HTTP Server, Apache RocketMQ, Progress Telerik Report Server, Spring Cloud, OpenObserve, Ivanti Endpoint Manager Mobile (EPMM), PHP, Adobe Magento, pdoc, Atlassian Jira Data Center and Server, PublicCMS, Webmin, Atlassian Bamboo Data Center and Server.
The following table lists the new QIDs.
| QID | Title |
| 150222 | Reverse Tabnabbing |
| 150858 | Default Web Directory Paths Found |
| 150885 | Children Privacy Policy Act COPPA Found |
| 150997 | WordPress Export WP Page to Static HTML/CSS Plugin: Open Redirect Vulnerability (CVE-2024-3597) |
| 151040 | Polyfill JavaScript Detected |
| 152000 | WordPress Media Library Assistant Plugin: Time-based SQL Injection Vulnerability (CVE-2024-5605) |
| 152001 | WordPress Popup Builder Plugin: Unauthorized Access of Functionality Vulnerability (CVE-2023-6696) |
| 152003 | WordPress Blog2Social Plugin: SQL Injection Vulnerability (CVE-2024-3549) |
| 152004 | WordPress Ad Invalid Click Protector(AICP) Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152005 | WordPress Dokan Pro Plugin: SQL Injection Vulnerability (CVE-2024-3922) |
| 152006 | WordPress Blaze-Widget Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152007 | WordPress Britetechs Companion Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152008 | GeoServer Classpath Resource Disclosure Vulnerability (CVE-2024-24749) |
| 152009 | GeoServer Sensitive Information Exposure Vulnerability (CVE-2024-34696) |
| 152010 | GeoServer Remote Code Execution (RCE) Vulnerability (CVE-2024-36401) |
| 152013 | Progress MOVEit Transfer Improper Authentication Vulnerability (CVE-2024-5806) |
| 152014 | WordPress Contact Form 7 Multi-Step Addon Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152015 | WordPress Pods Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152016 | WordPress PowerPress Podcasting Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152017 | WordPress W3 Total Cache Plugin: Directory Traversal Vulnerability (CVE-2019-6715) |
| 152018 | WordPress Seo Optimized Images Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152019 | WordPress UsersWP Plugin: Time-Based SQL Injection Vulnerability (CVE-2024-6265) |
| 152020 | JetBrains TeamCity Sensitive Credential Exposure Vulnerabilities (CVE-2024-39878, CVE-2024-39879) |
| 152021 | WordPress Simply Show Hooks Plugin: Injected Backdoor Vulnerability (CVE-2024-6297) |
| 152022 | Apache Tomcat Denial of Service Vulnerability (CVE-2024-34750) |
| 152023 | Joomla! HikaShop Extension SQL Injection Vulnerability (CVE-2023-38044) |
| 152024 | Splunk Enterprise Path Traversal Vulnerability (CVE-2024-36991) |
| 152025 | WordPress JSON API User Plugin: Unauthenticated Privilege Escalation Vulnerability (CVE-2024-6624) |
| 152026 | Joomla! Core Cross Site Scripting Vulnerability (CVE-2024-26278) |
| 152027 | Joomla! Core Cross Site Scripting Vulnerability (CVE-2024-26279) |
| 152029 | Oracle WebLogic Server Multiple Vulnerabilities (CPUJUL2024) |
| 152030 | Splunk Enterprise Remote Code Execution (RCE) Vulnerability (CVE-2024-36985) |
| 152033 | ServiceNow Template Injection Vulnerability (CVE-2024-4879) |
| 152034 | ServiceNow Input Validation Vulnerability (CVE-2024-5217) |
| 152035 | Apache HTTP Server Source Code Disclosure Vulnerability (CVE-2024-40725) |
| 152036 | Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-40898) |
| 152037 | WordPress WPCafe Plugin: Local File Inclusion(LFI) Vulnerability (CVE-2024-5431) |
| 152038 | WordPress Auto Featured Image Plugin: Arbitrary File Upload Vulnerability (CVE-2024-6054) |
| 152039 | WordPress Profile-Builder Plugin: Privilege Escalation Vulnerability (CVE-2024-6695) |
| 152040 | Atlassian Confluence Data Center and Server Stored Cross-Site Scripting (XSS) Vulnerability (CVE-2024-21686) |
| 152041 | WordPress Modern Events Calendar Plugin: Arbitrary File Upload Vulnerability (CVE-2024-5441) |
| 152042 | WordPress Redux Framework Plugin: Unauthenticated JSON File Upload Vulnerability (CVE-2024-6828) |
| 152043 | Apache RocketMQ Sensitive Information Disclosure Vulnerability (CVE-2024-23321) |
| 152044 | WordPress Wallet for WooCommerce Plugin: SQL Injection Vulnerability (CVE-2024-6353) |
| 152045 | WordPress Keydatas Plugin: Arbitrary File Upload Vulnerability (CVE-2024-6220) |
| 152046 | Progress Telerik Report Server Insecure Deserialization Vulnerability (CVE-2024-6327) |
| 152047 | JetBrains TeamCity Insufficient Session Expiration Vulnerability (CVE-2024-41827) |
| 152048 | JetBrains TeamCity Sensitive Data Leakage in Build Logs Vulnerability (CVE-2024-41824) |
| 152049 | JetBrains TeamCity Stored Cross-Site Scripting (XSS) Vulnerabilities (CVE-2024-41825,CVE-2024-41826) |
| 152050 | JetBrains TeamCity Inconsistent Token Timing Vulnerability (CVE-2024-41828) |
| 152051 | JetBrains TeamCity OAuth Code Exposure Vulnerability (CVE-2024-41829) |
| 152055 | Spring Cloud Data Flow Remote Code Execution Vulnerability (CVE-2024-37084) |
| 152056 | OpenObserve Cross-Site Scripting (XSS) Vulnerability (CVE-2024-41808) |
| 152057 | Progress MOVEit Transfer Improper Authentication Vulnerability (CVE-2024-6576) |
| 152060 | Ivanti Endpoint Manager Mobile (EPMM) Insufficient Authorization Vulnerability (CVE-2024-36130) |
| 152061 | Ivanti Endpoint Manager Mobile (EPMM) Insecure Deserialization Vulnerability (CVE-2024-36131) |
| 152062 | Ivanti Endpoint Manager Mobile (EPMM) Improper Authentication Vulnerabilities (CVE-2024-36132,CVE-2024-34788) |
| 152064 | WordPress Yoast SEO Plugin: Stored Cross-Site Scripting (XSS) Vulnerability (CVE-2024-4984) |
| 152100 | PHP Insufficient Verification of Data Authenticity (CVE-2024-5458) |
| 152102 | Malicious Polyfill.io Source Detected |
| 152103 | Apache HTTP Server Prior to 2.4.60 Multiple Security Vulnerabilities |
| 152104 | Adobe Magento XML External Entity (XXE) Vulnerability (CVE-2024-34102) |
| 152105 | JavaScript in pdoc uses polyfill.io (CVE-2024-38526) |
| 520018 | Atlassian Jira Data Center and Server Information Disclosure Vulnerability (CVE-2024-21685) |
| 520019 | PublicCMS Multiple SSRF Vulnerabilities (CVE-2024-40543,CVE-2024-40544) |
| 520020 | PublicCMS Arbitrary File Upload Vulnerability (CVE-2024-40545) |
| 520021 | Webmin Cross-Site Scripting Vulnerability (CVE-2024-36450) |
| 520022 | Webmin Improper Authorization Vulnerability (CVE-2024-36451) |
| 520023 | Webmin Cross-Site Scripting Vulnerability (CVE-2024-36452) |
| 520024 | Webmin Cross-Site Scripting Vulnerability (CVE-2024-36453) |
| 520025 | Atlassian Bamboo Data Center and Server File Inclusion Vulnerability (CVE-2024-21687) |
| 520026 | Atlassian Bamboo Data Center and Server SSRF (Server-Side Request Forgery) Vulnerability (CVE-2024-22262) |
Qualys Notification Link: Web Application Detections Published in July 2024.