Updated by Github Bot

EXP-Tools · Dec 4, 2024 · 4bd731e · 4bd731e
1 parent be8813e
commit 4bd731e
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 81 deletions.
diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
@@ -102,3 +102,13 @@ e35683925b14e304537319db4fa9a916
 dab11fa1400700787b766753e088e193
 a8e87a5c7cd45c454e29bffc4b5bf64f
 b2f96993ae3781ad684605ac69f217d3
+b803b349c35d632b3cf6a7dba45ceba0
+12727cb7dfddc82e51c7b448710cb05c
+ba63dfef634a2fe0687179acf7d464e8
+baed5a479cb89eea0ae03744791b412f
+edeaf99f5aa6e681e896b69ee375c365
+d30a6a0a871c08efe722fa0218fa92fe
+7caf3ddef8fd06a87306652a96e9be1f
+2e70d46367c2fe2fd630bfe42ed30405
+f1290c5f5300021600825d693b2501cb
+7450e61446c158e6a5881d1fb9cab4e6
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-12-04 09:27:54 -->
+<!-- RELEASE TIME : 2024-12-04 15:27:27 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>b803b349c35d632b3cf6a7dba45ceba0</td>
+       <td>CVE-2024-52277</td>
+       <td>2024-12-04 11:30:51 <img src="imgs/new.gif" /></td>
+       <td>** INITIAL LIMITED RELEASE ** User Interface (UI) Misrepresentation of Critical Information vulnerability in [WITHHELD] allows Content Spoofing.This issue affects [WITHHELD]: through [WITHHELD].</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52277">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>12727cb7dfddc82e51c7b448710cb05c</td>
+       <td>CVE-2024-52276</td>
+       <td>2024-12-04 11:30:50 <img src="imgs/new.gif" /></td>
+       <td>** INITIAL LIMITED RELEASE ** User Interface (UI) Misrepresentation of Critical Information vulnerability in [WITHHELD] allows Content Spoofing.This issue affects [WITHHELD]: through 2024-12-04.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52276">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>ba63dfef634a2fe0687179acf7d464e8</td>
+       <td>CVE-2024-52275</td>
+       <td>2024-12-04 11:30:50 <img src="imgs/new.gif" /></td>
+       <td>Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52275">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>baed5a479cb89eea0ae03744791b412f</td>
+       <td>CVE-2024-52274</td>
+       <td>2024-12-04 11:30:50 <img src="imgs/new.gif" /></td>
+       <td>Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52274">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>edeaf99f5aa6e681e896b69ee375c365</td>
+       <td>CVE-2024-52273</td>
+       <td>2024-12-04 11:30:50 <img src="imgs/new.gif" /></td>
+       <td>Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52273">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>d30a6a0a871c08efe722fa0218fa92fe</td>
+       <td>CVE-2024-52272</td>
+       <td>2024-12-04 11:30:50 <img src="imgs/new.gif" /></td>
+       <td>Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52272">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>7caf3ddef8fd06a87306652a96e9be1f</td>
+       <td>CVE-2024-12107</td>
+       <td>2024-12-04 11:15:05 <img src="imgs/new.gif" /></td>
+       <td>Double-Free Vulnerability in uD3TN BPv7 Caused by Malformed Endpoint Identifier allows remote attacker to reliably cause DoS</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-12107">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>2e70d46367c2fe2fd630bfe42ed30405</td>
+       <td>CVE-2024-11814</td>
+       <td>2024-12-04 10:15:05 <img src="imgs/new.gif" /></td>
+       <td>The Additional Custom Order Status for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the wfwp_wcos_delete_finished, wfwp_wcos_delete_fallback_finished, wfwp_wcos_delete_fallback_orders_updated, and wfwp_wcos_delete_fallback_status parameters in all versions up to, and including, 1.6.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11814">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>f1290c5f5300021600825d693b2501cb</td>
+       <td>CVE-2024-5020</td>
+       <td>2024-12-04 09:15:04 <img src="imgs/new.gif" /></td>
+       <td>Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-5020">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>7450e61446c158e6a5881d1fb9cab4e6</td>
+       <td>CVE-2024-11952</td>
+       <td>2024-12-04 09:15:04 <img src="imgs/new.gif" /></td>
+       <td>The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, and permissions granted by an Administrator, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. The vulnerability is limited to PHP files in a Windows environment.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11952">详情</a></td>
+      </tr>
+
       <tr>
        <td>bb2e9775a85894d4704f09c64d2bc95f</td>
        <td>CVE-2024-11326</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-33040">详情</a></td>
       </tr>
 
-      <tr>
-       <td>46e099e3b49bdebccb6a3ca57e3151a3</td>
-       <td>CVE-2024-53786</td>
-       <td>2024-11-30 22:15:19</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeless Cowidgets – Elementor Addons allows Stored XSS.This issue affects Cowidgets – Elementor Addons: from n/a through 1.2.0.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53786">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>30f3e76a59e0cfd4e16fd26bc0d3e0fb</td>
-       <td>CVE-2024-53778</td>
-       <td>2024-11-30 22:15:19</td>
-       <td>Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs allows Stored XSS.This issue affects Essential Breadcrumbs: from n/a through 1.1.1.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53778">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>25c336b74dd634eb2872622c82bf86a1</td>
-       <td>CVE-2024-53774</td>
-       <td>2024-11-30 22:15:19</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sparkle WP Sparkle Elementor Kit allows DOM-Based XSS.This issue affects Sparkle Elementor Kit: from n/a through 2.0.9.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53774">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>c4f29c6a89c087493cc0d1151d7ca82b</td>
-       <td>CVE-2024-53773</td>
-       <td>2024-11-30 22:15:19</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Praca.Pl sp. Z o.O. Znajdź Pracę z Praca.Pl allows DOM-Based XSS.This issue affects Znajdź Pracę z Praca.Pl: from n/a through 2.2.3.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53773">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>813fa77b4b0e45970aef0dc45a6bf424</td>
-       <td>CVE-2024-53772</td>
-       <td>2024-11-30 22:15:18</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Mail Picker allows DOM-Based XSS.This issue affects Mail Picker: from n/a through 1.0.14.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53772">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>35661668d9313d99d7c60a846857f3f0</td>
-       <td>CVE-2024-53771</td>
-       <td>2024-11-30 22:15:18</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sergio Micó SimpleSchema allows DOM-Based XSS.This issue affects SimpleSchema: from n/a through 1.7.6.9.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53771">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>623993476f1983760b45238a67110a24</td>
-       <td>CVE-2024-53767</td>
-       <td>2024-11-30 22:15:18</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixobe Pixobe Cartography allows DOM-Based XSS.This issue affects Pixobe Cartography: from n/a through 1.0.1.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53767">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>d2694f90c50308543b3e40e158888e6a</td>
-       <td>CVE-2024-53766</td>
-       <td>2024-11-30 22:15:18</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devnex Devnex Addons For Elementor allows DOM-Based XSS.This issue affects Devnex Addons For Elementor: from n/a through 1.0.8.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53766">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>13d203bb65465af07b6238ad30c0b47f</td>
-       <td>CVE-2024-53764</td>
-       <td>2024-11-30 22:15:18</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Softtemplates For Elementor allows DOM-Based XSS.This issue affects Softtemplates For Elementor: from n/a through 1.0.8.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53764">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>f9e8a430a3187ba744befd4cccf35eeb</td>
-       <td>CVE-2024-53763</td>
-       <td>2024-11-30 22:15:18</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elementor: from n/a through 1.0.5.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-53763">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>