Web Application Detections—October 2024
In October, Qualys released QIDs targeting vulnerabilities in several widely used software products, including WordPress, Zohocorp ManageEngine Endpoint, Lobe Chat, Ivanti Virtual Traffic Manager (vTM), Traefik, Nginx Proxy Manager, Harbor, Haproxy, SolarWinds Access Rights Manager (ARM), Cacti, Ivanti Endpoint Manager Mobile (EPMM), JetBrains TeamCity, Palo Alto Networks Expedition, Progress Telerik Report Server, Zimbra, Oracle WebLogic Server, Apache Solr, FlatPress CMS, pgAdmin, Grafana, pfSense, SolarWinds Web Help Desk, Ivanti Avalanche, ReCrystallize Server, Joomla!, and PHP.
The following table lists the new QIDs released in October-2024:
| QID | Title |
|---|---|
| 152202 | Zohocorp ManageEngine Endpoint Central Incorrect Authorization Vulnerability (CVE-2024-38868) |
| 152206 | WordPress Delicious Recipe Plugin: Arbitrary File Movement and Reading Vulnerability (CVE-2024-7626) |
| 152207 | WordPress Simple Spoiler Plugin: Arbitrary Shortcode Execution Vulnerability (CVE-2024-8479) |
| 152209 | WordPress PropertyHive Plugin: Cross-Site Request Forgery Vulnerability (CVE-2024-8490) |
| 152210 | WordPress Share This Image Plugin: Open Redirect Vulnerability (CVE-2024-8761) |
| 152215 | WordPress infolinks Ad Wrap Plugin: Cross-Site Request Forgery Vulnerability (CVE-2024-8044) |
| 152216 | WordPress Bit File Manager Plugin: Arbitrary File Uploads Vulnerability (CVE-2024-7770) |
| 152224 | WordPress Logo Manager For Enamad Plugin: Stored Cross-Site Scripting Vulnerability (CVE-2024-5170) |
| 152247 | Lobe Chat Server-Side Request Forgery Vulnerability (CVE-2024-47066) |
| 152248 | WordPress Jupiter X Core Plugin: Arbitrary File Upload Vulnerability (CVE-2024-7772) |
| 152250 | WordPress Advanced File Manager Plugin: Local JavaScript File Inclusion Vulnerability (CVE-2024-8704) |
| 152251 | WordPress Visitors Plugin: Stored Cross-Site Scripting Vulnerability (CVE-2022-4541) |
| 152252 | WordPress Product Enquiry for WooCommerce Plugin: PHP Object Injection Vulnerability (CVE-2024-8922) |
| 152254 | WordPress Jupiter X Core Plugin: Authentication Bypass Vulnerability (CVE-2024-7781) |
| 152255 | WordPress Advanced File Manager Plugin: Arbitrary File Upload Vulnerability (CVE-2024-8126) |
| 152256 | WordPress Eventin Plugin: Local File Inclusion Vulnerability (CVE-2024-7149) |
| 152257 | Ivanti Virtual Traffic Manager (vTM) Authentication Bypass Vulnerability (CVE-2024-7593) |
| 152259 | WordPress Wechat Social Login Plugin: Authentication Bypass Vulnerability (CVE-2024-9106) |
| 152260 | WordPress Wechat Social Login Plugin: Arbitrary File Upload Vulnerability (CVE-2024-9108) |
| 152261 | Traefik HTTP Client Header Manipulation Vulnerability (CVE-2024-45410) |
| 152262 | WordPress WP Easy Gallery Plugin: Time-based SQL Injection Vulnerability (CVE-2024-9018) |
| 152263 | WordPress Unseen Blog Theme: PHP Object Injection Vulnerability (CVE-2024-7432) |
| 152264 | WordPress Empowerment Theme: PHP Object Injection Vulnerability (CVE-2024-7433) |
| 152266 | WordPress KB Support Plugin: Unauthorized Modification and Loss of Data Vulnerability (CVE-2024-8548) |
| 152268 | WordPress Broken Link Checker Plugin: Reflected Cross-Site Scripting Vulnerability (CVE-2024-8981) |
| 152269 | Nginx Proxy Manager Command Injection Vulnerability (CVE-2024-46256) |
| 152270 | Harbor Improper Privilege Management Vulnerability (CVE-2024-22278) |
| 152271 | Haproxy Detected |
| 152272 | WordPress WP Hotel Booking Plugin: Arbitrary File Upload Vulnerability (CVE-2024-7855) |
| 152273 | WordPress Social Web Suite Plugin: Directory Traversal Vulnerability (CVE-2024-8352) |
| 152274 | WordPress WPvivid Backup and Migration Plugin: Unauthenticated Sensitive Data Exposure Vulnerability (CVE-2024-7315) |
| 152275 | SolarWinds Access Rights Manager (ARM) Insecure Deserialization Remote Code Execution (RCE) Vulnerability (CVE-2024-28074) |
| 152276 | SolarWinds Access Rights Manager (ARM) Authentication Bypass Vulnerability (CVE-2024-23465) |
| 152277 | SolarWinds Access Rights Manager (ARM) Directory Traversal Vulnerabilities |
| 152278 | SolarWinds Access Rights Manager (ARM) Remote Code Execution (RCE) Vulnerability (CVE-2024-23469) |
| 152279 | SolarWinds Access Rights Manager (ARM) Remote Code Execution (RCE) Vulnerabilities (CVE-2024-23470, CVE-2024-23471) |
| 152280 | SolarWinds Access Rights Manager (ARM) Directory Traversal Remote Code Execution Vulnerabilities (CVE-2024-23466,CVE-2024-23467) |
| 152281 | Cacti Cross-Site Scripting Vulnerability (CVE-2024-43362) |
| 152282 | Cacti Log Poisoning Vulnerability (CVE-2024-43363) |
| 152283 | Cacti Cross-Site Scripting Vulnerability (CVE-2024-43364) |
| 152284 | Cacti Cross-Site Scripting Vulnerability (CVE-2024-43365) |
| 152286 | Ivanti Endpoint Manager Mobile (EPMM) Insecure Permissions Vulnerability (CVE-2024-7612) |
| 152287 | JetBrains TeamCity Sensitive Credential Exposure Vulnerability (CVE-2024-47161) |
| 152288 | JetBrains TeamCity Path Traversal Vulnerabilities (CVE-2024-47948, CVE-2024-47949) |
| 152289 | JetBrains TeamCity Stored Cross-Site Scripting (XSS) Vulnerabilities (CVE-2024-47950, CVE-2024-47951) |
| 152290 | WordPress LatePoint Plugin: SQL Injection Vulnerability (CVE-2024-8911) |
| 152291 | WordPress LatePoint Plugin: Authentication Bypass Vulnerability (CVE-2024-8943) |
| 152292 | Palo Alto Networks Expedition Admin Account Takeover Vulnerability (CVE-2024-5910) |
| 152293 | Palo Alto Networks Expedition OS command injection vulnerability (CVE-2024-9463) |
| 152294 | Palo Alto Networks Expedition OS Command Injection Vulnerability (CVE-2024-9464) |
| 152295 | Palo Alto Networks Expedition SQL Injection Vulnerability (CVE-2024-9465) |
| 152296 | Palo Alto Networks Expedition Cleartext Storage of Sensitive Information Vulnerability (CVE-2024-9466) |
| 152297 | Palo Alto Networks Expedition Cross-site Scripting Vulnerability (CVE-2024-9467) |
| 152298 | WordPress Pedalo Connector Plugin: Authentication Bypass Vulnerability (CVE-2024-9822) |
| 152299 | WordPress Pretix Widget Plugin: Local File Inclusion Vulnerability (CVE-2024-9575) |
| 152300 | Progress Telerik Report Server Insecure Type Resolution Vulnerability (CVE-2024-8015) |
| 152301 | WordPress Users Masquerade Plugin: Authentication Bypass Vulnerability (CVE-2024-9522) |
| 152302 | WordPress Shortcodes AnyWhere Plugin: Arbitrary Shortcode Execution Vulnerability (CVE-2024-9581) |
| 152303 | WordPress File Upload Plugin: Path Traversal Vulnerability (CVE-2024-9047) |
| 152304 | Zimbra Remote Code Execution (RCE) Vulnerability (CVE-2024-45519) |
| 152305 | WordPress WP 2FA with Telegram Plugin: Authentication Bypass Vulnerability (CVE-2024-9687) |
| 152306 | WordPress Bot for Telegram on WooCommerce Plugin: Sensitive Information Disclosure Vulnerability (CVE-2024-9821) |
| 152307 | Oracle WebLogic Server Multiple Vulnerabilities (CPUOCT2024) |
| 152308 | WordPress GutenKit Plugin: Arbitrary File Upload Vulnerability (CVE-2024-9234) |
| 152309 | Apache Solr Authentication Bypass Vulnerability (CVE-2024-45216) |
| 152310 | Apache Solr Insecure Default Initialization of Resource Vulnerability (CVE-2024-45217) |
| 152311 | WordPress GiveWP Plugin: PHP Object Injection Vulnerability (CVE-2024-9634) |
| 152312 | WordPress Hunk Companion Plugin: Unauthorized Plugin Installation/Activation Vulnerability (CVE-2024-9707) |
| 152313 | WordPress Limb Gallery Plugin: Arbitrary File Upload Vulnerability (CVE-2024-49260) |
| 152314 | FlatPress CMS: Sensitive Data Exposure in Cookies Vulnerability (CVE-2024-41290) |
| 152315 | WordPress File Manager Plugin: Authentication Bypass Vulnerability (CVE-2018-25105) |
| 152316 | WordPress ThemeGrill Demo Importer Plugin: Authentication Bypass Vulnerability (CVE-2020-36837) |
| 152317 | pgAdmin Authentication Bypass Vulnerability (CVE-2024-9014) |
| 152318 | Grafana Remote Code Execution Vulnerability (CVE-2024-9264) |
| 152319 | pfSense Cross-site Scripting Vulnerability (CVE-2024-46538) |
| 152321 | SolarWinds Web Help Desk Java Deserialization Remote Code Execution (RCE) Vulnerability (CVE-2024-28988) |
| 152322 | WordPress WP Timetics Plugin: Insecure Direct Object Reference Vulnerability (CVE-2024-9263) |
| 152323 | WordPress UserPro Plugin: Privilege Escalation Vulnerability (CVE-2024-9863) |
| 152324 | Ivanti Avalanche Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-47008) |
| 152325 | Ivanti Avalanche Path Traversal Vulnerabilities (CVE-2024-47009, CVE-2024-47010, CVE-2024-47011) |
| 152326 | Ivanti Avalanche NULL pointer dereference Vulnerability (CVE-2024-47007) |
| 152327 | Grafana Incorrect Permission Vulnerability (CVE-2024-8118) |
| 152328 | ReCrystallize Server Authentication Bypass Vulnerability (CVE-2024-26331) |
| 152329 | ReCrystallize Server Unrestricted File Upload Vulnerability (CVE-2024-28269) |
| 152332 | WordPress AI Postpix Plugin: Arbitrary File Upload Vulnerability (CVE-2024-49671) |
| 152334 | WordPress INK Official Plugin: Arbitrary File Upload Vulnerability (CVE-2024-49669) |
| 152335 | WordPress Woocommerce Custom Profile Picture Plugin: Arbitrary File Upload Vulnerability (CVE-2024-49658) |
| 154160 | Joomla! Core Cache Poisoning Vulnerability (CVE-2024-27185) |
| 154161 | Joomla! Core Improper Access Control Vulnerability (CVE-2024-27187) |
| 154162 | Joomla! Core Cross-Site Scripting Vulnerability (CVE-2024-40743) |
| 154163 | Joomla! Core Cross-Site Scripting Vulnerability (CVE-2024-27186) |
| 154164 | Joomla! Core Cross-Site Scripting Vulnerability (CVE-2024-26278) |
| 154165 | Joomla! Core Cross-Site Scripting Vulnerability (CVE-2024-26279) |
| 154166 | Joomla! Core Open Redirect Vulnerability (CVE-2024-27184) |
| 520031 | PHP Erroneous Parsing of Multipart Form Data (CVE-2024-8925) |
| 520032 | PHP Command Injection Vulnerability (CVE-2024-8926) |
Qualys Notification Link: Web Application Detections Published in October 2024