Updated by Github Bot

EXP-Tools · Sep 29, 2023 · 4721a9d · 4721a9d
1 parent 3071955
commit 4721a9d
Show file tree

Hide file tree

Showing 3 changed files with 57 additions and 49 deletions.
diff --git a/cache/NVD.dat b/cache/NVD.dat
@@ -119,3 +119,11 @@ ac78f62eb954822702ebb809d36559fd
 7ac7db75f1d6efa4a1e5ef1e17310d3c
 93a30f171133ad61e25d2170ff919175
 e73fcab94a81816b2403bde465b34e5b
+d180a520e938734ec2a15357cc3952dc
+a97ea477c346e6ecb082f8ffcaa76da8
+5b6d7eb859ebe5065c9fa2568539c343
+420062f419187effc2e771cb2657311d
+c9b755d9f9ddbb0fd8f420c630920222
+50632a4d89f102ff4fb7d135ede42249
+65f7a1d63bc7b89a3525598825bf0470
+4bb11a54a9622af003b091644b566cdb
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2023-09-29 16:29:48 -->
+<!-- RELEASE TIME : 2023-09-29 18:28:22 -->
 <html lang="zh-cn">
 
  <head>
@@ -2275,6 +2275,14 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5161">详情</a></td>
       </tr>
 
+      <tr>
+       <td>d180a520e938734ec2a15357cc3952dc</td>
+       <td>CVE-2023-5129</td>
+       <td>2023-09-25 21:15:16 </td>
+       <td>** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.&Acirc;&nbsp;Duplicate of CVE-2023-4863.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5129">详情</a></td>
+      </tr>
+
       <tr>
        <td>b6280c6240f209cade713c64e689eb5e</td>
        <td>CVE-2023-5166</td>
@@ -2307,6 +2315,14 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5156">详情</a></td>
       </tr>
 
+      <tr>
+       <td>c9b755d9f9ddbb0fd8f420c630920222</td>
+       <td>CVE-2023-4892</td>
+       <td>2023-09-25 16:15:15 </td>
+       <td>Teedy v1.11 has a vulnerability in its text editor that allows eventsto be executed in HTML tags that an attacker could manipulate. Thanksto this, it is possible to execute malicious JavaScript in the webapp.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4892">详情</a></td>
+      </tr>
+
       <tr>
        <td>b8ca929b4f748ada648de22becc72696</td>
        <td>CVE-2023-5154</td>
@@ -2387,6 +2403,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5125">详情</a></td>
       </tr>
 
+      <tr>
+       <td>420062f419187effc2e771cb2657311d</td>
+       <td>CVE-2023-5002</td>
+       <td>2023-09-22 14:15:47 </td>
+       <td>A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an authenticated user to run arbitrary commands on the server.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5002">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>a97ea477c346e6ecb082f8ffcaa76da8</td>
+       <td>CVE-2023-5068</td>
+       <td>2023-09-21 23:15:13 </td>
+       <td>Delta Electronics DIAScreen may write past the end of an allocated buffer while parsing a specially crafted input file. This could allow an attacker to execute code in the context of the current process.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5068">详情</a></td>
+      </tr>
+
       <tr>
        <td>c4c8e6fad1208c422fb884063dc408dc</td>
        <td>CVE-2023-5104</td>
@@ -2403,6 +2435,14 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5074">详情</a></td>
       </tr>
 
+      <tr>
+       <td>5b6d7eb859ebe5065c9fa2568539c343</td>
+       <td>CVE-2023-5042</td>
+       <td>2023-09-20 12:15:12 </td>
+       <td>Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5042">详情</a></td>
+      </tr>
+
       <tr>
        <td>be01985caf3d13a706450396ccdce1b6</td>
        <td>CVE-2023-5084</td>
@@ -2411,6 +2451,14 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5084">详情</a></td>
       </tr>
 
+      <tr>
+       <td>50632a4d89f102ff4fb7d135ede42249</td>
+       <td>CVE-2023-4853</td>
+       <td>2023-09-20 10:15:14 </td>
+       <td>A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4853">详情</a></td>
+      </tr>
+
       <tr>
        <td>1d49a765844dd4af56f01d5405420162</td>
        <td>CVE-2023-5063</td>
@@ -2419,54 +2467,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5063">详情</a></td>
       </tr>
 
-      <tr>
-       <td>d5f9b68a051c497fca8417eb1e6f4095</td>
-       <td>CVE-2023-5062</td>
-       <td>2023-09-20 03:15:14 </td>
-       <td>The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wp_charts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5062">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>77fb68b61f9b45e5d5d973d9698f7d7d</td>
-       <td>CVE-2023-5054</td>
-       <td>2023-09-19 07:15:51 </td>
-       <td>The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.2. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attackers to send emails utilizing the vulnerable site's server, with arbitrary content. Please note that this vulnerability has already been publicly disclosed with an exploit which is why we are publishing the details without a patch available, we are attempting to initiate contact with the developer.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5054">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>6a35eb0ecc6baafa493f36c4ed2d4d16</td>
-       <td>CVE-2023-5060</td>
-       <td>2023-09-19 03:15:08 </td>
-       <td>Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5060">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>49f0cb827c6d46a14d0a602569a05300</td>
-       <td>CVE-2023-5036</td>
-       <td>2023-09-18 06:15:08 </td>
-       <td>Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5036">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>50824740e3199c2438bb8b113e7715df</td>
-       <td>CVE-2023-5034</td>
-       <td>2023-09-18 05:15:07 </td>
-       <td>A vulnerability classified as problematic was found in SourceCodester My Food Recipe 1.0. This vulnerability affects unknown code of the file index.php of the component Image Upload Handler. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239878 is the identifier assigned to this vulnerability.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5034">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>ca4e394cdfce7bbd99ef580f958f01a5</td>
-       <td>CVE-2023-5033</td>
-       <td>2023-09-18 05:15:07 </td>
-       <td>A vulnerability classified as critical has been found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file /admin/category/cate-edit-run.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239877 was assigned to this vulnerability.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5033">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>