Updated by Github Bot

EXP-Tools · Sep 20, 2023 · 152276b · 152276b
1 parent bf9be83
commit 152276b
Show file tree

Hide file tree

Showing 3 changed files with 97 additions and 82 deletions.
diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat
@@ -110,3 +110,18 @@ b07a1ec58f70215aa021180da41ee232
 6348e9f3756f4714dfbb7dd2aff3a730
 a8ec06a4e0f47231252875fb8fefa36a
 8c674861023757c78b0f5cfcf0b0bda3
+9b368c17888c65df6929d8f87e4b2d06
+38f84c839bb56448823c2d67f5a9b457
+67abdcdc9c614adccc233e6062481acb
+aa39b65667b1ed217b8bb5dc7f610621
+6971705f6fd26d8ffcfe7dcf2829e56e
+ba69c37ce2af176e6e5d299663cbd1a9
+f10a69b7878eaf1de9ebee4177f4144b
+cc45cd2691130df4abe65400f883ac1d
+2f25e9d021f931417f4f4b0ea4655db5
+262be7833d03f45251a687bb13bbbdaf
+e64524aa786d405936863429af4eca8b
+c2ca3de98c882ba5f8d73ab0796b5754
+14075a463d3f3d9fc4afff6075200729
+9b62437976f086ff6604f2db9f22753f
+27c8185a1e0fd60507c890696885af8a
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2023-09-19 22:26:08 -->
+<!-- RELEASE TIME : 2023-09-20 03:23:13 -->
 <html lang="zh-cn">
 
  <head>
@@ -38,7 +38,7 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       <tr>
        <td>90c81d0ff5a3e9ce595ebd560dc5d25e</td>
        <td></td>
-       <td>2023-09-18 07:04:38 <img src="imgs/new.gif" /></td>
+       <td>2023-09-18 07:04:38</td>
        <td>安全事件周报 2023-09-11 第37周</td>
        <td><a target="_blank" href="https://cert.360.cn/warning/detail?id=6507f68422adc884abcd7f5b">详情</a></td>
       </tr>
@@ -350,15 +350,15 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       <tr>
        <td>d75a3573520b8e80616692df319f654c</td>
        <td>CVE-2023-42454</td>
-       <td>2023-09-18 22:15:47 <img src="imgs/new.gif" /></td>
+       <td>2023-09-18 22:15:47</td>
        <td>SQLpage is a SQL-only webapp builder. Someone using SQLpage versions prior to 0.11.1, whose SQLpage instance is exposed publicly, with a database connection string specified in the `sqlpage/sqlpage.json` configuration file (not in an environment variable), with the web_root is the current working directory (the default), and with their database exposed publicly, is vulnerable to an attacker retrieving database connection information from SQLPage and using it to connect to their database directly. Version 0.11.0 fixes this issue. Some workarounds are available. Using an environment variable instead of the configuration file to specify the database connection string prevents exposing it on vulnerable versions. Using a different web root (that is not a parent of the SQLPage configuration directory) fixes the issue. One should also avoid exposing one's database publicly.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-42454">详情</a></td>
       </tr>
 
       <tr>
        <td>7dcf01e57fdaefbc3b62d1506a8a094e</td>
        <td>CVE-2023-42446</td>
-       <td>2023-09-18 22:15:47 <img src="imgs/new.gif" /></td>
+       <td>2023-09-18 22:15:47</td>
        <td>Pow is a authentication and user management solution for Phoenix and Plug-based apps. Starting in version 1.0.14 and prior to version 1.0.34, use of `Pow.Store.Backend.MnesiaCache` is susceptible to session hijacking as expired keys are not being invalidated correctly on startup. A session may expire when all `Pow.Store.Backend.MnesiaCache` instances have been shut down for a period that is longer than a session's remaining TTL. Version 1.0.34 contains a patch for this issue. As a workaround, expired keys, including all expired sessions, can be manually invalidated.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-42446">详情</a></td>
       </tr>
@@ -1734,23 +1734,23 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       <tr>
        <td>e6c76de0559ade6a94ebaa63996490cc</td>
        <td>CVE-2023-4576</td>
-       <td>2023-09-18 20:07:48 <img src="imgs/new.gif" /></td>
+       <td>2023-09-18 20:07:48</td>
        <td>MOZILLA Multiple product Vulnerability</td>
        <td><a target="_blank" href="https://redqueen.tj-un.com/IntelDetails.html?id=e35662ac17024a17b872a610bce7045c">详情</a></td>
       </tr>
 
       <tr>
        <td>fe43d8d024525a818c4c6858e5c569c5</td>
        <td>CVE-2023-4577</td>
-       <td>2023-09-18 20:07:47 <img src="imgs/new.gif" /></td>
+       <td>2023-09-18 20:07:47</td>
        <td>MOZILLA Multiple product Vulnerability</td>
        <td><a target="_blank" href="https://redqueen.tj-un.com/IntelDetails.html?id=db0c74b4d42549aba81709db4e9a7980">详情</a></td>
       </tr>
 
       <tr>
        <td>863bda655c785d7d7040fd4e42234e90</td>
        <td>CVE-2023-4574</td>
-       <td>2023-09-18 20:07:47 <img src="imgs/new.gif" /></td>
+       <td>2023-09-18 20:07:47</td>
        <td>MOZILLA Multiple product Vulnerability</td>
        <td><a target="_blank" href="https://redqueen.tj-un.com/IntelDetails.html?id=c119296dacdc4d459896b8676bcf03a6">详情</a></td>
       </tr>
@@ -2092,123 +2092,123 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       </tr>
 
       <tr>
-       <td>cb941c538f70e09fb78b773be89d51fb</td>
-       <td>CVE-2022-44215</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Titan FTP Server开放重定向漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84993">详情</a></td>
+       <td>9b368c17888c65df6929d8f87e4b2d06</td>
+       <td>CVE-2023-36923</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>SAP PowerDesigner代码注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85078">详情</a></td>
       </tr>
 
       <tr>
-       <td>8ecba32dbfef2d8973f668bc11f1a385</td>
-       <td>CVE-2023-39578</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84992">详情</a></td>
+       <td>38f84c839bb56448823c2d67f5a9b457</td>
+       <td>CVE-2023-3365</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>WordPress MultiParcels Shipping For WooCommerce plugin授权错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85077">详情</a></td>
       </tr>
 
       <tr>
-       <td>06d7e2ba70b7bd0b1fbabe332f2e346d</td>
-       <td>CVE-2023-39708</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Inventory Management System跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84991">详情</a></td>
+       <td>67abdcdc9c614adccc233e6062481acb</td>
+       <td>CVE-2023-3522</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>a2 License Portal System SQL注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85076">详情</a></td>
       </tr>
 
       <tr>
-       <td>d16b66c1e1605f77ef7e4b175c8e6a84</td>
-       <td>CVE-2023-23772</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Motorola MBTS Site Controller加密签名验证错误漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84990">详情</a></td>
+       <td>aa39b65667b1ed217b8bb5dc7f610621</td>
+       <td>CVE-2023-38762</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>ChurchCRM SQL注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85075">详情</a></td>
       </tr>
 
       <tr>
-       <td>498fb080153240c0ac0563e2900f006e</td>
-       <td>CVE-2023-41005</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>pagekit任意代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84989">详情</a></td>
+       <td>6971705f6fd26d8ffcfe7dcf2829e56e</td>
+       <td>CVE-2023-27411</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>Siemens RUGGEDCOM CROSSBOW SQL注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85074">详情</a></td>
       </tr>
 
       <tr>
-       <td>880d51fcf2a7a5066fe4a6a921988757</td>
-       <td>CVE-2023-40826</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>pf4j路径遍历漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84988">详情</a></td>
+       <td>ba69c37ce2af176e6e5d299663cbd1a9</td>
+       <td>CVE-2022-48580</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>ScienceLogic SL1命令注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85073">详情</a></td>
       </tr>
 
       <tr>
-       <td>a7a091a2bd4e5a3b852ede7ef595e1f2</td>
-       <td>CVE-2023-39615</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Libxml2越界读取漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84987">详情</a></td>
+       <td>f10a69b7878eaf1de9ebee4177f4144b</td>
+       <td>CVE-2023-38213</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>Adobe Dimension越界读取漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85072">详情</a></td>
       </tr>
 
       <tr>
-       <td>3799be0904da892dec49ad2cbbc5132b</td>
-       <td>CVE-2023-0654</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Cloudflare WARP Mobile Client渲染UI层或帧限制错误漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84986">详情</a></td>
+       <td>cc45cd2691130df4abe65400f883ac1d</td>
+       <td>CVE-2023-3857</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>phpscriptpoint Ecommerce跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85071">详情</a></td>
       </tr>
 
       <tr>
-       <td>48b85fe24ba567ec2d155e7cd88711af</td>
-       <td>CVE-2022-47069</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>p7zip堆缓冲区溢出漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84985">详情</a></td>
+       <td>2f25e9d021f931417f4f4b0ea4655db5</td>
+       <td>CVE-2023-3850</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>Lost and Found Information System SQL注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85070">详情</a></td>
       </tr>
 
       <tr>
-       <td>81cb0c8f6ad4b141b4d773bb58fb41db</td>
-       <td>CVE-2022-48065</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>GNU Binutils内存泄露漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84984">详情</a></td>
+       <td>262be7833d03f45251a687bb13bbbdaf</td>
+       <td>CVE-2023-3845</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>mooSocial mooDating跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85069">详情</a></td>
       </tr>
 
       <tr>
-       <td>5a7ded38347c1c65963513bd24d71353</td>
-       <td>CVE-2022-48547</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Cacti跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84983">详情</a></td>
+       <td>e64524aa786d405936863429af4eca8b</td>
+       <td>CVE-2023-3839</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>DedeBIZ SQL注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85068">详情</a></td>
       </tr>
 
       <tr>
-       <td>83840beb7ed03b10477f4599a205a7bc</td>
-       <td>CVE-2022-48570</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Crypto++越界写入漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84982">详情</a></td>
+       <td>c2ca3de98c882ba5f8d73ab0796b5754</td>
+       <td>CVE-2023-3834</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>Bug Finder EX-RATE跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85067">详情</a></td>
       </tr>
 
       <tr>
-       <td>f29419a9f961ac2518bffbc7b367d4e4</td>
-       <td>CVE-2023-24515</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Artica Pandora FMS服务器端请求伪造漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84981">详情</a></td>
+       <td>14075a463d3f3d9fc4afff6075200729</td>
+       <td>CVE-2023-3830</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>Bug Finder SASS BILLER跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85066">详情</a></td>
       </tr>
 
       <tr>
-       <td>afb625aedd81891c198f84d4099c4025</td>
-       <td>CVE-2023-36281</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>LangChain代码注入漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84980">详情</a></td>
+       <td>9b62437976f086ff6604f2db9f22753f</td>
+       <td>CVE-2023-26961</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>Alteryx Server跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85065">详情</a></td>
       </tr>
 
       <tr>
-       <td>5146b49d6f4b436eac2840e8a5ac5202</td>
-       <td>CVE-2023-37426</td>
-       <td>2023-09-18 07:19:58 <img src="imgs/new.gif" /></td>
-       <td>Aruba Networks EdgeConnect SD-WAN Orchestrator硬编码凭据使用漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/84979">详情</a></td>
+       <td>27c8185a1e0fd60507c890696885af8a</td>
+       <td>CVE-2023-3970</td>
+       <td>2023-09-19 03:21:04 <img src="imgs/new.gif" /></td>
+       <td>GZ Scripts Availability Booking Calendar PHP跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/85064">详情</a></td>
       </tr>
 
      </tbody>