Updated by Github Bot

EXP-Tools · May 2, 2024 · 19f4de9 · 19f4de9
1 parent bc61c89
commit 19f4de9
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 81 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -182,3 +182,13 @@ eb585d5dcc3781c57fa58217a7c00262
 b79d36fdb4fbb1617f3ed55bbb79edd5
 1267a4c0b3618ccf33b578b1fd66d0b3
 490a962058a3da6f7c619e49474a9ed3
+4810ab7e08b687ad36a8fc9ddb691030
+f794dd352e24cfd5132fb016b4298b0f
+0bf51b0e42be1ac0b6f59c2eeae87c98
+16c1891aacfac54db2b539c550bdf731
+35efe05450f29c4c302e9400ae003c8d
+4c0b35638f89cc770b3781ca3dbf1484
+1f3afc8d73a9096a0b601f35b7fecb2e
+33313bde1f352d7a9eaeaa1ca8263713
+895333f55aa1938858d8eac91b80e6f9
+f480f67e37e259de13dabe683c388cab
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-05-02 03:25:14 -->
+<!-- RELEASE TIME : 2024-05-02 07:22:28 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>4810ab7e08b687ad36a8fc9ddb691030</td>
+       <td>CVE-2023-51631</td>
+       <td>2024-05-02 00:15:07 <img src="imgs/new.gif" /></td>
+       <td>D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user-supplied string before copying it to a fixed-size stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21675.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-51631">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>f794dd352e24cfd5132fb016b4298b0f</td>
+       <td>CVE-2021-36594</td>
+       <td>2024-05-01 22:15:09 <img src="imgs/new.gif" /></td>
+       <td>SSRF in Oxwall 1.8.7 (11111) allows an attacker to execute arbitrary commands via Phar deserialization or internal API server or ... (via url parameter)</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-36594">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>0bf51b0e42be1ac0b6f59c2eeae87c98</td>
+       <td>CVE-2021-36593</td>
+       <td>2024-05-01 22:15:09 <img src="imgs/new.gif" /></td>
+       <td>Oxwall 1.8.7 (11111) is vulnerable to Incorrect Access Control. Unauthenticated file upload allows an attacker to upload image files.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2021-36593">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>16c1891aacfac54db2b539c550bdf731</td>
+       <td>CVE-2024-4142</td>
+       <td>2024-05-01 21:15:51 <img src="imgs/new.gif" /></td>
+       <td>An Improper input validation vulnerability that could potentially lead to privilege escalation was discovered in JFrog Artifactory. Due to this vulnerability, users with low privileges may gain administrative access to the system. This issue can also be exploited in Artifactory platforms with anonymous access enabled.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4142">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>35efe05450f29c4c302e9400ae003c8d</td>
+       <td>CVE-2024-33423</td>
+       <td>2024-05-01 20:15:12 <img src="imgs/new.gif" /></td>
+       <td>Cross-Site Scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33423">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>4c0b35638f89cc770b3781ca3dbf1484</td>
+       <td>CVE-2024-33307</td>
+       <td>2024-05-01 20:15:12 <img src="imgs/new.gif" /></td>
+       <td>SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "Last Name" parameter in Create User.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33307">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>1f3afc8d73a9096a0b601f35b7fecb2e</td>
+       <td>CVE-2024-33306</td>
+       <td>2024-05-01 20:15:12 <img src="imgs/new.gif" /></td>
+       <td>SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via "First Name" parameter in Create User.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33306">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>33313bde1f352d7a9eaeaa1ca8263713</td>
+       <td>CVE-2024-25676</td>
+       <td>2024-05-01 20:15:12 <img src="imgs/new.gif" /></td>
+       <td>An issue was discovered in ViewerJS 0.5.8. A script from the component loads content via URL TAGs without properly sanitizing it. This leads to both open redirection and out-of-band resource loading.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25676">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>895333f55aa1938858d8eac91b80e6f9</td>
+       <td>CVE-2024-24403</td>
+       <td>2024-05-01 20:15:12 <img src="imgs/new.gif" /></td>
+       <td>Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-30176. Reason: This record is a reservation duplicate of CVE-2024-30176. Notes: All CVE users should reference CVE-2024-30176 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-24403">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>f480f67e37e259de13dabe683c388cab</td>
+       <td>CVE-2023-46295</td>
+       <td>2024-05-01 20:15:12 <img src="imgs/new.gif" /></td>
+       <td>An issue was discovered in Teledyne FLIR M300 2.00-19. Unauthenticated remote code execution can occur in the web server. An attacker can exploit this by sending a POST request to the vulnerable PHP page. An attacker can elevate to root permissions with Sudo.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-46295">详情</a></td>
+      </tr>
+
       <tr>
        <td>a1261b2c4b477c5b74cfeb25608072c7</td>
        <td>CVE-2024-28979</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-34045">详情</a></td>
       </tr>
 
-      <tr>
-       <td>e3bf125cf831009947f3bbfd387a6c6f</td>
-       <td>CVE-2024-4296</td>
-       <td>2024-04-29 02:15:06</td>
-       <td>The account management interface of HGiga iSherlock (including MailSherlock, SpamSherlock, AuditSherlock) fails to filter special characters in certain function parameters, allowing remote attackers with administrative privileges to exploit this vulnerability to download arbitrary system files.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4296">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>71ba3a0585bb83f9918a0bb9ea6f7800</td>
-       <td>CVE-2024-33903</td>
-       <td>2024-04-29 01:15:09</td>
-       <td>In CARLA through 0.9.15.2, the collision sensor mishandles some situations involving pedestrians or bicycles, in part because the collision sensor function is not exposed to the Blueprint library.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33903">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>9dda4efd60143ba6b827d4bb0bff77fe</td>
-       <td>CVE-2024-33899</td>
-       <td>2024-04-29 00:15:07</td>
-       <td>RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33899">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>283bb3000e0fc0f85206ca19e72fc6be</td>
-       <td>CVE-2024-33891</td>
-       <td>2024-04-28 23:15:07</td>
-       <td>Delinea Secret Server before 11.7.000001 allows attackers to bypass authentication via the SOAP API in SecretServer/webservices/SSWebService.asmx. This is related to a hardcoded key, the use of the integer 2 for the Admin user, and removal of the oauthExpirationId attribute.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33891">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>d05d84e1991b97aa5bcf00bf20b264f2</td>
-       <td>CVE-2024-33331</td>
-       <td>2024-04-28 23:15:07</td>
-       <td>Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-33891. Reason: This candidate is a reservation duplicate of CVE-2024-33891. Notes: All CVE users should reference CVE-2024-33891 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33331">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>72b1317d4082c7b4b6d96ed0b6ada2a8</td>
-       <td>CVE-2024-33883</td>
-       <td>2024-04-28 16:15:23</td>
-       <td>The ejs (aka Embedded JavaScript templates) package before 3.1.10 for Node.js lacks certain pollution protection.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33883">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>8a3d9e9f0be0277a2dad498aab208cd1</td>
-       <td>CVE-2024-25050</td>
-       <td>2024-04-28 13:15:08</td>
-       <td>IBM i 7.2, 7.3, 7.4, 7.5 and IBM Rational Development Studio for i 7.2, 7.3, 7.4, 7.5 networking and compiler infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privileges. IBM X-Force ID: 283242.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-25050">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e51bd18511f85dd246f6c515ec2af7ad</td>
-       <td>CVE-2022-48668</td>
-       <td>2024-04-28 13:15:08</td>
-       <td>In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached region so can risk temporarily corrupting the file data. This fixes xfstest generic/031 I also decided to merge a minor cleanup to this into the same patch (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48668">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>15e45ef5b7a214d58aadeca8b3096422</td>
-       <td>CVE-2022-48667</td>
-       <td>2024-04-28 13:15:08</td>
-       <td>In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in insert range insert range doesn't discard the affected cached region so can risk temporarily corrupting file data. Also includes some minor cleanup (avoiding rereading inode size repeatedly unnecessarily) to make it clearer.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48667">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>b694c1138e76c76fa8e0c545655608f2</td>
-       <td>CVE-2022-48666</td>
-       <td>2024-04-28 13:15:08</td>
-       <td>In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free There are two .exit_cmd_priv implementations. Both implementations use resources associated with the SCSI host. Make sure that these resources are still available when .exit_cmd_priv is called by waiting inside scsi_remove_host() until the tag set has been freed. This commit fixes the following use-after-free: ================================================================== BUG: KASAN: use-after-free in srp_exit_cmd_priv+0x27/0xd0 [ib_srp] Read of size 8 at addr ffff888100337000 by task multipathd/16727 Call Trace: <TASK> dump_stack_lvl+0x34/0x44 print_report.cold+0x5e/0x5db kasan_report+0xab/0x120 srp_exit_cmd_priv+0x27/0xd0 [ib_srp] scsi_mq_exit_request+0x4d/0x70 blk_mq_free_rqs+0x143/0x410 __blk_mq_free_map_and_rqs+0x6e/0x100 blk_mq_free_tag_set+0x2b/0x160 scsi_host_dev_release+0xf3/0x1a0 device_release+0x54/0xe0 kobject_put+0xa5/0x120 device_release+0x54/0xe0 kobject_put+0xa5/0x120 scsi_device_dev_release_usercontext+0x4c1/0x4e0 execute_in_process_context+0x23/0x90 device_release+0x54/0xe0 kobject_put+0xa5/0x120 scsi_disk_release+0x3f/0x50 device_release+0x54/0xe0 kobject_put+0xa5/0x120 disk_release+0x17f/0x1b0 device_release+0x54/0xe0 kobject_put+0xa5/0x120 dm_put_table_device+0xa3/0x160 [dm_mod] dm_put_device+0xd0/0x140 [dm_mod] free_priority_group+0xd8/0x110 [dm_multipath] free_multipath+0x94/0xe0 [dm_multipath] dm_table_destroy+0xa2/0x1e0 [dm_mod] __dm_destroy+0x196/0x350 [dm_mod] dev_remove+0x10c/0x160 [dm_mod] ctl_ioctl+0x2c2/0x590 [dm_mod] dm_ctl_ioctl+0x5/0x10 [dm_mod] __x64_sys_ioctl+0xb4/0xf0 dm_ctl_ioctl+0x5/0x10 [dm_mod] __x64_sys_ioctl+0xb4/0xf0 do_syscall_64+0x3b/0x90 entry_SYSCALL_64_after_hwframe+0x46/0xb0</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2022-48666">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>