Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Sep 20, 2023
1 parent 152276b commit 2e6b98e
Show file tree
Hide file tree
Showing 3 changed files with 91 additions and 81 deletions.
10 changes: 10 additions & 0 deletions cache/NVD.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -175,3 +175,13 @@ ce77a0da1fa468cc51413ee49751ea74
53631702129be2fe0d68e85b7185d04d
f24c1e5028f0bc748144fa1f00983354
eaf2ddfde8c15a3ca96d3a361d6400b9
6a35eb0ecc6baafa493f36c4ed2d4d16
49f0cb827c6d46a14d0a602569a05300
50824740e3199c2438bb8b113e7715df
ca4e394cdfce7bbd99ef580f958f01a5
de838a16a4300c73a497bb3c6cb3d76b
9523fdf7865850f28192d1f6918bbc10
6079088aebad7baf77d212f549949938
5bc3f76c3be7820b58d67e17df9a76f6
f652dd4503ad84b795dc771cfc59d11d
72574b41528b607045249ac1a5af10a1
Binary file modified data/cves.db
View file
Binary file not shown.
162 changes: 81 additions & 81 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2023-09-20 03:23:13 -->
<!-- RELEASE TIME : 2023-09-20 05:25:41 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -2227,6 +2227,78 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>6a35eb0ecc6baafa493f36c4ed2d4d16</td>
<td>CVE-2023-5060</td>
<td>2023-09-19 03:15:08 <img src="imgs/new.gif" /></td>
<td>Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5060">详情</a></td>
</tr>

<tr>
<td>49f0cb827c6d46a14d0a602569a05300</td>
<td>CVE-2023-5036</td>
<td>2023-09-18 06:15:08 </td>
<td>Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5036">详情</a></td>
</tr>

<tr>
<td>50824740e3199c2438bb8b113e7715df</td>
<td>CVE-2023-5034</td>
<td>2023-09-18 05:15:07 </td>
<td>A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239878 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5034">详情</a></td>
</tr>

<tr>
<td>ca4e394cdfce7bbd99ef580f958f01a5</td>
<td>CVE-2023-5033</td>
<td>2023-09-18 05:15:07 </td>
<td>A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /admin/category/cate-edit-run.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239877 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5033">详情</a></td>
</tr>

<tr>
<td>de838a16a4300c73a497bb3c6cb3d76b</td>
<td>CVE-2023-5032</td>
<td>2023-09-18 04:15:11 </td>
<td>A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/article/article-edit-run.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239876.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5032">详情</a></td>
</tr>

<tr>
<td>9523fdf7865850f28192d1f6918bbc10</td>
<td>CVE-2023-5031</td>
<td>2023-09-18 02:15:51 </td>
<td>A vulnerability was found in OpenRapid RapidCMS 1.3.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/article/article-add.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239875.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5031">详情</a></td>
</tr>

<tr>
<td>6079088aebad7baf77d212f549949938</td>
<td>CVE-2023-4987</td>
<td>2023-09-15 15:15:08 </td>
<td>A vulnerability, which was classified as critical, has been found in infinitietech taskhub 2.8.7. Affected by this issue is some unknown functionality of the file /home/get_tasks_list of the component GET Parameter Handler. The manipulation of the argument project/status/user_id/sort/search leads to sql injection. VDB-239798 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4987">详情</a></td>
</tr>

<tr>
<td>5bc3f76c3be7820b58d67e17df9a76f6</td>
<td>CVE-2023-4984</td>
<td>2023-09-15 14:15:11 </td>
<td>A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file /api/es/admin/v3/security/user/1. The manipulation leads to unprotected storage of credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239795.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4984">详情</a></td>
</tr>

<tr>
<td>f652dd4503ad84b795dc771cfc59d11d</td>
<td>CVE-2023-4983</td>
<td>2023-09-15 14:15:11 </td>
<td>A vulnerability was found in app1pro Shopicial up to 20230830. It has been declared as problematic. This vulnerability affects unknown code of the file search. The manipulation of the argument from with the input comments&lt;/script&gt;'&quot;&gt;&lt;img src=x onerror=alert(document.cookie)&gt; leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239794 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4983">详情</a></td>
</tr>

<tr>
<td>6c1b9c4fee44f66c9d1f8ab988ec1e7f</td>
<td>CVE-2023-36659</td>
Expand All @@ -2251,6 +2323,14 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36658">详情</a></td>
</tr>

<tr>
<td>72574b41528b607045249ac1a5af10a1</td>
<td>CVE-2023-4972</td>
<td>2023-09-14 20:15:13 </td>
<td>Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as Provided by Users.This issue affects .</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4972">详情</a></td>
</tr>

<tr>
<td>2cee661ace7acc1aa83012c59e559654</td>
<td>CVE-2023-32636</td>
Expand Down Expand Up @@ -2387,86 +2467,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35849">详情</a></td>
</tr>

<tr>
<td>bff8e66b22f70f7218e5b93898f90949</td>
<td>CVE-2021-44172</td>
<td>2023-09-13 13:15:07 </td>
<td>An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44172">详情</a></td>
</tr>

<tr>
<td>540acb5cffec146903bd455b2b17608f</td>
<td>CVE-2023-29306</td>
<td>2023-09-13 09:15:15 </td>
<td>Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29306">详情</a></td>
</tr>

<tr>
<td>4a88501a6af84d42db17d4c27d44fd67</td>
<td>CVE-2023-29305</td>
<td>2023-09-13 09:15:15 </td>
<td>Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29305">详情</a></td>
</tr>

<tr>
<td>0f2f9e74651d194fbf6c54cf290ce621</td>
<td>CVE-2023-26369</td>
<td>2023-09-13 09:15:13 </td>
<td>Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-26369">详情</a></td>
</tr>

<tr>
<td>7abe9e444fb931d9847478bb3d8226b0</td>
<td>CVE-2023-21523</td>
<td>2023-09-12 20:15:08 </td>
<td>A Stored Cross-site Scripting (XSS) vulnerability in the Management Console (User Management and Alerts) of BlackBerry AtHoc version 7.15 could allow an attacker to execute script commands in the context of the affected user account.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21523">详情</a></td>
</tr>

<tr>
<td>e2a2e5f66f7313ce93cb9b8dcde37c58</td>
<td>CVE-2023-21520</td>
<td>2023-09-12 20:15:07 </td>
<td>A PII Enumeration via Credential Recovery in the Self Service&Acirc;&nbsp;(Credential Recovery) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially associate a list of contact details with an AtHoc IWS organization.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21520">详情</a></td>
</tr>

<tr>
<td>85ca0426243514b04281aa2dcc9a082a</td>
<td>CVE-2023-21522</td>
<td>2023-09-12 19:15:36 </td>
<td>A Reflected Cross-site Scripting (XSS) vulnerability in the Management Console (Reports) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially control a script that is executed in the victim's browser then they can execute script commands in the context of the affected user account.&Acirc;&nbsp;</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21522">详情</a></td>
</tr>

<tr>
<td>e0f12a28e563b380d0bcd0cb148c9532</td>
<td>CVE-2023-21521</td>
<td>2023-09-12 19:15:36 </td>
<td>An SQL Injection vulnerability in the Management Console?&Acirc;&nbsp;(Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database, recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-21521">详情</a></td>
</tr>

<tr>
<td>5368dcbad69f59262e1c40243b56d98b</td>
<td>CVE-2023-30962</td>
<td>2023-09-12 19:15:36 </td>
<td>The Gotham Cerberus service was found to have a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Gotham to launch attacks against other users. This vulnerability is resolved in Cerberus 100.230704.0-27-g031dd58 .</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30962">详情</a></td>
</tr>

<tr>
<td>d0568f9dd11713d1c03652f9a0c6e617</td>
<td>CVE-2023-36804</td>
<td>2023-09-12 17:15:16 </td>
<td>Windows GDI Elevation of Privilege Vulnerability</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36804">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit 2e6b98e

Please sign in to comment.