Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Dec 13, 2024
1 parent 4d9f67b commit 22b9800
Show file tree
Hide file tree
Showing 3 changed files with 101 additions and 86 deletions.
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
Original file line number Diff line number Diff line change
Expand Up @@ -150,3 +150,18 @@ ea8a19af507112e643980f4a220fce83
a337f2354a3503d59786acc94840435c
7e092777c3c1f415f0b64d4452f54762
9ce02d37c5fe2187ec5d7d081c1971ae
f5fe9133cc9539f4e6e2efcd6968308c
ca72fddd4bbfdcf7531048b2ee9d72e8
7245ba145c1a0de09d8f70f5ebb2e81a
247c467fb38393cdece0320403582765
a70073ae02e240040507e03e3d928571
66f34cec4dc79adb82279c005d4a8ecf
0b8b6aea051e0606022e0996680a4074
31325878e76b2f80386715bc31439083
bf11f84ac210a634a56cf433751fa23e
a258156d8aa7102f556bf4fe48d2bf96
2076cba2d6bfba3ee4f324c4c6b86278
8afb427efda362db24fa9cb8e43d5d63
56facd6acce5d926bf87587c1c3810d2
4c0f929068f47a9c7ecbe2b145299e74
a092d5defdfcd58c864f82faf71e4b8b
Binary file modified data/cves.db
Binary file not shown.
172 changes: 86 additions & 86 deletions docs/index.html
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-12-12 15:27:49 -->
<!-- RELEASE TIME : 2024-12-13 03:39:24 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -366,79 +366,79 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>db248c0aad583cee4771e463a3dbd3a1</td>
<td>CVE-2024-12325</td>
<td>2024-12-11 12:15:19 <img src="imgs/new.gif" /></td>
<td>2024-12-11 12:15:19</td>
<td>The Waymark plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘content’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-12325">详情</a></td>
</tr>

<tr>
<td>8c0b2f150886a0617cb37b88db8cce66</td>
<td>CVE-2024-12294</td>
<td>2024-12-11 11:15:06 <img src="imgs/new.gif" /></td>
<td>2024-12-11 11:15:06</td>
<td>The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the 'get_legacy_cookies' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and permalinks of private, password-protected, pending, and draft posts.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-12294">详情</a></td>
</tr>

<tr>
<td>cd5e032ffe052c193ad63764099a229c</td>
<td>CVE-2024-11840</td>
<td>2024-12-11 11:15:06 <img src="imgs/new.gif" /></td>
<td>2024-12-11 11:15:06</td>
<td>The RapidLoad – Optimize Web Vitals Automatically plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on the uucss_data, update_rapidload_settings, wp_ajax_update_htaccess_file, uucss_update_rule, upload_rules, get_all_rules, update_titan_settings, preload_page, and activate_module functions in all versions up to, and including, 2.4.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify plugin settings or conduct SQL injection attacks.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11840">详情</a></td>
</tr>

<tr>
<td>73ad812f37b5e70d75cec1f3820293e6</td>
<td>CVE-2024-11008</td>
<td>2024-12-11 11:15:04 <img src="imgs/new.gif" /></td>
<td>2024-12-11 11:15:04</td>
<td>The Members – Membership & User Role Editor Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.2.10 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11008">详情</a></td>
</tr>

<tr>
<td>213be5c4b498d0e72720b253da2a5ec6</td>
<td>CVE-2024-54269</td>
<td>2024-12-11 10:15:07 <img src="imgs/new.gif" /></td>
<td>2024-12-11 10:15:07</td>
<td>Missing Authorization vulnerability in Ninja Team Notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through 2.1.4.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54269">详情</a></td>
</tr>

<tr>
<td>78f923f00b4ec286adfa0dbd78ea7378</td>
<td>CVE-2024-12363</td>
<td>2024-12-11 10:15:07 <img src="imgs/new.gif" /></td>
<td>2024-12-11 10:15:07</td>
<td>Insufficient permissions in the TeamViewer Patch & Asset Management component prior to version 24.12 on Windows allows a local authenticated user to delete arbitrary files. TeamViewer Patch & Asset Management is part of TeamViewer Remote Management.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-12363">详情</a></td>
</tr>

<tr>
<td>8d37a459d55e27a3efa74a0b4ccc5af8</td>
<td>CVE-2024-11737</td>
<td>2024-12-11 10:15:06 <img src="imgs/new.gif" /></td>
<td>2024-12-11 10:15:06</td>
<td>CWE-20: Improper Input Validation vulnerability exists that could lead to a denial of service and a loss of confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11737">详情</a></td>
</tr>

<tr>
<td>f906d8cb36d24d8ff38dce7e37a5f7f7</td>
<td>CVE-2024-11401</td>
<td>2024-12-11 10:15:06 <img src="imgs/new.gif" /></td>
<td>2024-12-11 10:15:06</td>
<td>Rapid7 Insight Platform versions prior to November 13th 2024, suffer from a privilege escalation vulnerability whereby, due to a lack of authorization checks, an attacker can successfully update the password policy in the platform settings as a standard user by crafting an API (the functionality was not possible through the platform's User Interface). This vulnerability has been fixed as of November 13th 2024.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11401">详情</a></td>
</tr>

<tr>
<td>cd31e80af727416fa921a7fea13e7f7c</td>
<td>CVE-2024-12283</td>
<td>2024-12-11 09:15:05 <img src="imgs/new.gif" /></td>
<td>2024-12-11 09:15:05</td>
<td>The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-12283">详情</a></td>
</tr>

<tr>
<td>34f15ea4746098cd99de090d5679f9d5</td>
<td>CVE-2024-12004</td>
<td>2024-12-11 09:15:05 <img src="imgs/new.gif" /></td>
<td>2024-12-11 09:15:05</td>
<td>The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation on the ajax_update_order_note() function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-12004">详情</a></td>
</tr>
Expand Down Expand Up @@ -2108,123 +2108,123 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
</tr>

<tr>
<td>7f9e70819f86ac78be0671213cfd07bd</td>
<td>CVE-2024-9270</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Lenxel Core for Lenxel(LNX) LMS Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107897">详情</a></td>
<td>f5fe9133cc9539f4e6e2efcd6968308c</td>
<td>CVE-2024-49387</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Acronis Cyber Protect信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108043">详情</a></td>
</tr>

<tr>
<td>11398c77d757f8a44befc6a1c1ea47d3</td>
<td>CVE-2024-10673</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Top Store theme未授权任意插件安装漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107896">详情</a></td>
<td>ca72fddd4bbfdcf7531048b2ee9d72e8</td>
<td>CVE-2024-45276</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Helmholz REX100身份验证不足漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108042">详情</a></td>
</tr>

<tr>
<td>3860b1051ea469c13b150126ccc27dec</td>
<td>CVE-2024-10674</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Shop Mania theme未授权任意插件安装漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107895">详情</a></td>
<td>7245ba145c1a0de09d8f70f5ebb2e81a</td>
<td></td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>PHPGurukul User Registration &amp; Login and User Management System跨站请求伪造漏洞(CVE-</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108041">详情</a></td>
</tr>

<tr>
<td>36c2e4bfd6d25fb83aac8d50bb2a4140</td>
<td>CVE-2024-10667</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Content Slider Block Plugin信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107894">详情</a></td>
<td>247c467fb38393cdece0320403582765</td>
<td>CVE-2024-45274</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Helmholz REX100访问控制错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108040">详情</a></td>
</tr>

<tr>
<td>3a5778dca15231662366dfeb26ac88f2</td>
<td>CVE-2024-10588</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Debug Tool Plugin未授权数据访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107893">详情</a></td>
<td>a70073ae02e240040507e03e3d928571</td>
<td>CVE-2024-45275</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Helmholz REX100信任管理问题漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108039">详情</a></td>
</tr>

<tr>
<td>e47196a2885ab12637c978b39aa3b58c</td>
<td>CVE-2024-10779</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Cowidgets – Elementor Addons Plugin信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107892">详情</a></td>
<td>66f34cec4dc79adb82279c005d4a8ecf</td>
<td>CVE-2024-9974</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Carlo Montero Online Eyewear Shop SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108038">详情</a></td>
</tr>

<tr>
<td>ef3e8c11b98085217b37a53308d5d50a</td>
<td>CVE-2024-10285</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress CE21 Suite Plugin敏感信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107891">详情</a></td>
<td>0b8b6aea051e0606022e0996680a4074</td>
<td>CVE-2024-47945</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Rittal IoT Interface &amp; CMC III Processing Unit会话劫持漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108037">详情</a></td>
</tr>

<tr>
<td>86ff960aaf3ddb15314e383ece28779c</td>
<td>CVE-2024-10625</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress WooCommerce Support Ticket System Plugin任意文件删除漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107890">详情</a></td>
<td>31325878e76b2f80386715bc31439083</td>
<td>CVE-2024-9985</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Ragic Enterprise Cloud Database任意代码执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108036">详情</a></td>
</tr>

<tr>
<td>4a4168454f53dc0406dd8ffb28cdf16a</td>
<td>CVE-2024-10770</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Envo Extra Plugin信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107889">详情</a></td>
<td>bf11f84ac210a634a56cf433751fa23e</td>
<td>CVE-2024-9925</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>TAI Smart Factory QPLANT SF SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108035">详情</a></td>
</tr>

<tr>
<td>a7fbfa7389348e06f3322d2aa9735b2a</td>
<td>CVE-2024-10284</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress CE21 Suite Plugin身份认证绕过漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107888">详情</a></td>
<td>a258156d8aa7102f556bf4fe48d2bf96</td>
<td>CVE-2024-47944</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Rittal IoT Interface &amp; CMC III Processing Unit代码执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108034">详情</a></td>
</tr>

<tr>
<td>78de477ae9857ac8d94e0ce3589269f7</td>
<td>CVE-2024-9775</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Anih - Creative Agency WordPress Theme跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107887">详情</a></td>
<td>2076cba2d6bfba3ee4f324c4c6b86278</td>
<td>CVE-2024-9982</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>ESi AIM LINE Marketing Platform SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108033">详情</a></td>
</tr>

<tr>
<td>e52b98ef7414c088b7cd36a5c97db314</td>
<td>CVE-2024-10669</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Countdown Timer Block Plugin信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107886">详情</a></td>
<td>8afb427efda362db24fa9cb8e43d5d63</td>
<td>CVE-2024-47824</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>matrix-react-sdk信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108032">详情</a></td>
</tr>

<tr>
<td>22c953925bbb435f84dad07c780bd0de</td>
<td>CVE-2024-10586</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress Debug Tool Plugin任意文件创建漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107885">详情</a></td>
<td>56facd6acce5d926bf87587c1c3810d2</td>
<td></td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>PHPGurukul User Registration &amp; Login and User Management System SQL注入漏洞(CVE-</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108031">详情</a></td>
</tr>

<tr>
<td>d94fbccd3fc942f27f00a3b4dc5faa1a</td>
<td>CVE-2024-10693</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress SKT Addons for Elementor Plugin信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107884">详情</a></td>
<td>4c0f929068f47a9c7ecbe2b145299e74</td>
<td>CVE-2024-9895</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Smart Online Order for Clover跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108030">详情</a></td>
</tr>

<tr>
<td>092ba82551c3144c64d385e618425922</td>
<td>CVE-2024-10294</td>
<td>2024-12-11 09:25:37 <img src="imgs/new.gif" /></td>
<td>WordPress CE21 Suite Plugin未授权数据修改漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/107883">详情</a></td>
<td>a092d5defdfcd58c864f82faf71e4b8b</td>
<td>CVE-2024-49388</td>
<td>2024-12-12 03:37:17 <img src="imgs/new.gif" /></td>
<td>Acronis Cyber Protect信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/108029">详情</a></td>
</tr>

</tbody>
Expand Down

0 comments on commit 22b9800

Please sign in to comment.