diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index ca566e35244..9a3b94e5f95 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -132,3 +132,13 @@ d9f4784c901b298a45c9f1c898f6d8d6 d32dcd98baedc0c631969fbd321592f5 7b1ed8c57b92204972d8e3f27935a69b 47ddb5fb2820090776ef99d26c57b5a1 +2dccbb99f03fcbe254dc1bfcb4b24516 +2626ac6614a10b4e1bacfd355f084fca +e2e321219edc3482f79cd1e238fc5099 +9fc20f284d6c796758c03566d08aacb8 +86090bb528b0c38822ad0f671ee672bd +b6238125972cb6f1ee5ef674c48d3b95 +2c4a22710e8ac39225cfe188c2d6df0d +79320fddb0d23ec2234cbf8e5b55b611 +cf51a6bf61ab50cd35cde2e2baace040 +5263a762b608fc0d6f1fbd48b088ecfe diff --git a/data/cves.db b/data/cves.db index c04cd9e94b4..e2e0ba30918 100644 Binary files a/data/cves.db and b/data/cves.db differ diff --git a/docs/index.html b/docs/index.html index ec20914e345..4150da214ee 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,6 +283,86 @@

眈眈探求 | TITLE URL + + 2dccbb99f03fcbe254dc1bfcb4b24516 + CVE-2024-11501 + 2024-12-07 12:15:19 + The Gallery plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.3 via deserialization of untrusted input from wd_gallery_$id parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable software. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. + 详情 + + + + 2626ac6614a10b4e1bacfd355f084fca + CVE-2024-11464 + 2024-12-07 12:15:19 + The Easy Code Snippets plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + 详情 + + + + e2e321219edc3482f79cd1e238fc5099 + CVE-2024-11457 + 2024-12-07 12:15:19 + The Feedpress Generator – External RSS Frontend Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + 详情 + + + + 9fc20f284d6c796758c03566d08aacb8 + CVE-2024-11380 + 2024-12-07 12:15:17 + The Mini Program API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'qvideo' shortcode in all versions up to, and including, 1.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + 86090bb528b0c38822ad0f671ee672bd + CVE-2024-12270 + 2024-12-07 10:15:06 + The Beautiful taxonomy filters plugin for WordPress is vulnerable to SQL Injection via the 'selects[0][term]' parameter in all versions up to, and including, 2.4.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. + 详情 + + + + b6238125972cb6f1ee5ef674c48d3b95 + CVE-2024-12253 + 2024-12-07 10:15:06 + The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'save_settings', 'export_csv', and 'simpleecommcart-action' actions in all versions up to, and including, 3.1.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to update the plugins settings and retrieve order and log data (which is also accessible to unauthenticated users). + 详情 + + + + 2c4a22710e8ac39225cfe188c2d6df0d + CVE-2024-12128 + 2024-12-07 10:15:05 + The Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘monthly_sales_current_year’ parameter in all versions up to, and including, 3.1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + 详情 + + + + 79320fddb0d23ec2234cbf8e5b55b611 + CVE-2024-11374 + 2024-12-07 10:15:05 + The TWChat – Send or receive messages from users plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.0.4. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + 详情 + + + + cf51a6bf61ab50cd35cde2e2baace040 + CVE-2024-11367 + 2024-12-07 10:15:05 + The Smoove connector for Elementor forms plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 4.1.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. + 详情 + + + + 5263a762b608fc0d6f1fbd48b088ecfe + CVE-2024-11010 + 2024-12-07 10:15:04 + The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.4 via the 'default_lang' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. + 详情 + + 8005fbdff62ad91ebee53bd77371e395 CVE-2024-53908 @@ -366,7 +446,7 @@

眈眈探求 | + 2024-12-05 11:15:06 User Interface (UI) Misrepresentation of Critical Information vulnerability in DropBox Sign(HelloSign) allows Content Spoofing. Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects DropBox Sign(HelloSign): through 2024-12-04. 详情 @@ -374,7 +454,7 @@

眈眈探求 | + 2024-12-05 10:31:40 Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered. 详情 @@ -382,7 +462,7 @@

眈眈探求 | + 2024-12-05 10:31:40 UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote authenticated attacker with an administrative account to execute arbitrary OS commands. 详情 @@ -390,7 +470,7 @@

眈眈探求 | + 2024-12-05 10:31:40 Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained. 详情 @@ -398,7 +478,7 @@

眈眈探求 | + 2024-12-05 10:31:39 The WIP WooCarousel Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wip_woocarousel_products_carousel' shortcode in all versions up to, and including, 1.1.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 详情 @@ -406,7 +486,7 @@

眈眈探求 | + 2024-12-05 10:31:39 The Blocksy theme for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Info Block link parameter in all versions up to, and including, 2.0.77 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 详情 @@ -414,7 +494,7 @@

眈眈探求 | + 2024-12-05 10:31:39 The Simple Redirection plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the settings_page() function. This makes it possible for unauthenticated attackers to update the plugin's settings and redirect all site visitors via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. 详情 @@ -422,7 +502,7 @@

眈眈探求 | + 2024-12-05 10:31:39 The Accounting for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.6.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 详情 @@ -430,7 +510,7 @@

眈眈探求 | + 2024-12-05 10:31:39 The NewsMunch theme for WordPress is vulnerable to Stored Cross-Site Scripting via a malicious display name in all versions up to, and including, 1.0.35 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 详情 @@ -438,91 +518,11 @@

眈眈探求 | + 2024-12-05 10:31:38 The AnyWhere Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.11 via the 'INSERT_ELEMENTOR' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft posts created by Elementor that they should not have access to. 详情 - - b803b349c35d632b3cf6a7dba45ceba0 - CVE-2024-52277 - 2024-12-04 11:30:51 - ** INITIAL LIMITED RELEASE ** User Interface (UI) Misrepresentation of Critical Information vulnerability in [WITHHELD] allows Content Spoofing.This issue affects [WITHHELD]: through [WITHHELD]. - 详情 - - - - 12727cb7dfddc82e51c7b448710cb05c - CVE-2024-52276 - 2024-12-04 11:30:50 - ** INITIAL LIMITED RELEASE ** User Interface (UI) Misrepresentation of Critical Information vulnerability in [WITHHELD] allows Content Spoofing.This issue affects [WITHHELD]: through 2024-12-04. - 详情 - - - - ba63dfef634a2fe0687179acf7d464e8 - CVE-2024-52275 - 2024-12-04 11:30:50 - Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50. - 详情 - - - - baed5a479cb89eea0ae03744791b412f - CVE-2024-52274 - 2024-12-04 11:30:50 - Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 - 详情 - - - - edeaf99f5aa6e681e896b69ee375c365 - CVE-2024-52273 - 2024-12-04 11:30:50 - Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 - 详情 - - - - d30a6a0a871c08efe722fa0218fa92fe - CVE-2024-52272 - 2024-12-04 11:30:50 - Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 - 详情 - - - - 7caf3ddef8fd06a87306652a96e9be1f - CVE-2024-12107 - 2024-12-04 11:15:05 - Double-Free Vulnerability in uD3TN BPv7 Caused by Malformed Endpoint Identifier allows remote attacker to reliably cause DoS - 详情 - - - - 2e70d46367c2fe2fd630bfe42ed30405 - CVE-2024-11814 - 2024-12-04 10:15:05 - The Additional Custom Order Status for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the wfwp_wcos_delete_finished, wfwp_wcos_delete_fallback_finished, wfwp_wcos_delete_fallback_orders_updated, and wfwp_wcos_delete_fallback_status parameters in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. - 详情 - - - - f1290c5f5300021600825d693b2501cb - CVE-2024-5020 - 2024-12-04 09:15:04 - Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. - 详情 - - - - 7450e61446c158e6a5881d1fb9cab4e6 - CVE-2024-11952 - 2024-12-04 09:15:04 - The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The vulnerability is limited to PHP files in a Windows environment. - 详情 - - @@ -2110,7 +2110,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Foreman信息泄露漏洞 详情 @@ -2118,7 +2118,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Unified Communications Manager信息泄露漏洞 详情 @@ -2126,7 +2126,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)服务器端安全性客户端实施漏洞 详情 @@ -2134,7 +2134,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Enterprise Chat and Email (ECE)输入验证错误漏洞 详情 @@ -2142,7 +2142,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Unified Industrial Wireless Software命令注入漏洞 详情 @@ -2150,7 +2150,7 @@

眈眈探求 | + 2024-12-05 09:25:10 IBM Maximo Application Suite - Monitor Component跨站脚本漏洞 详情 @@ -2158,7 +2158,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Unified Contact Center Management Portal跨站脚本漏洞 详情 @@ -2166,7 +2166,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)路径遍历漏洞 详情 @@ -2174,7 +2174,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)路径遍历漏洞 详情 @@ -2182,7 +2182,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)服务器端请求伪造漏洞 详情 @@ -2190,7 +2190,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)跨站脚本漏洞 详情 @@ -2198,7 +2198,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)跨站脚本漏洞 详情 @@ -2206,7 +2206,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco AsyncOS Software跨站脚本漏洞 详情 @@ -2214,7 +2214,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Meeting Server信息泄露漏洞 详情 @@ -2222,7 +2222,7 @@

眈眈探求 | + 2024-12-05 09:25:10 Cisco Identity Services Engine (ISE)跨站脚本漏洞 详情