diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat
index ab2be7d5bb7..64e2101c56d 100644
--- a/cache/Tenable (Nessus).dat	
+++ b/cache/Tenable (Nessus).dat	
@@ -180,3 +180,13 @@ cd5e032ffe052c193ad63764099a229c
 f906d8cb36d24d8ff38dce7e37a5f7f7
 cd31e80af727416fa921a7fea13e7f7c
 34f15ea4746098cd99de090d5679f9d5
+a391db25adf8c2cd2cc34bb4ea442274
+1539d0272e54965789a7f9ab1c27f401
+9eec9b49bcdcc9ac24a0a8c9a5d5f95b
+4fdbf33748ea75d38f8ac045aa306ab1
+86635ea38a607f675e45bb2bf0366706
+4e9561c1fb555057a93fac88536ab6e5
+9dbaef59d3a24333acacb4140a88c412
+244f204acbee1ff428f99af6afe94fe3
+57dcc095861454525aa6f1b55d69d1e3
+5ffff2d21aa74e70384e62daeca48dd1
diff --git a/data/cves.db b/data/cves.db
index 2002949221d..78dee025d45 100644
Binary files a/data/cves.db and b/data/cves.db differ
diff --git a/docs/index.html b/docs/index.html
index d33df5fc913..cbda6600907 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-12-12 09:27:40 -->
+<!-- RELEASE TIME : 2024-12-12 15:27:49 -->
 <html lang="zh-cn">
 
  <head>
@@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>a391db25adf8c2cd2cc34bb4ea442274</td>
+       <td>CVE-2024-50584</td>
+       <td>2024-12-12 14:15:22 <img src="imgs/new.gif" /></td>
+       <td>An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/template_io.php file and supplying malicious GET parameters. The "templates" parameter is vulnerable against blind boolean-based SQL injection attacks. SQL syntax must be injected into the JSON syntax of the templates parameter.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-50584">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>1539d0272e54965789a7f9ab1c27f401</td>
+       <td>CVE-2024-28146</td>
+       <td>2024-12-12 14:15:22 <img src="imgs/new.gif" /></td>
+       <td>The application uses several hard-coded credentials to encrypt config files during backup, to decrypt the new firmware during an update and some passwords allow a direct connection to the database server of the affected device.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28146">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>9eec9b49bcdcc9ac24a0a8c9a5d5f95b</td>
+       <td>CVE-2024-28145</td>
+       <td>2024-12-12 14:15:22 <img src="imgs/new.gif" /></td>
+       <td>An unauthenticated attacker can perform an SQL injection by accessing the /class/dbconnect.php file and supplying malicious GET parameters. The HTTP GET parameters search, table, field, and value are vulnerable. For example, one SQL injection can be performed on the parameter "field" with the UNION keyword.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28145">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>4fdbf33748ea75d38f8ac045aa306ab1</td>
+       <td>CVE-2024-28144</td>
+       <td>2024-12-12 14:15:22 <img src="imgs/new.gif" /></td>
+       <td>An attacker who can spoof the IP address and the User-Agent of a logged-in user can takeover the session because of flaws in the self-developed session management. If two users access the web interface from the same IP they are logged in as the other user.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28144">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>86635ea38a607f675e45bb2bf0366706</td>
+       <td>CVE-2024-28143</td>
+       <td>2024-12-12 14:15:22 <img src="imgs/new.gif" /></td>
+       <td>The password change function at /cgi/admin.cgi does not require the current/old password, which makes the application vulnerable to account takeover. An attacker can use this to forcefully set a new password within the -rsetpass+-aaction+- parameter for a user without knowing the old password, e.g. by exploiting a CSRF issue.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28143">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>4e9561c1fb555057a93fac88536ab6e5</td>
+       <td>CVE-2024-54122</td>
+       <td>2024-12-12 13:15:11 <img src="imgs/new.gif" /></td>
+       <td>Concurrent variable access vulnerability in the ability module Impact: Successful exploitation of this vulnerability may affect availability.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54122">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>9dbaef59d3a24333acacb4140a88c412</td>
+       <td>CVE-2024-54119</td>
+       <td>2024-12-12 13:15:11 <img src="imgs/new.gif" /></td>
+       <td>Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54119">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>244f204acbee1ff428f99af6afe94fe3</td>
+       <td>CVE-2024-54118</td>
+       <td>2024-12-12 13:15:11 <img src="imgs/new.gif" /></td>
+       <td>Cross-process screen stack vulnerability in the UIExtension module Impact: Successful exploitation of this vulnerability may affect service confidentiality.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54118">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>57dcc095861454525aa6f1b55d69d1e3</td>
+       <td>CVE-2024-47947</td>
+       <td>2024-12-12 13:15:10 <img src="imgs/new.gif" /></td>
+       <td>Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "Edit Disclaimer Text" function of the configuration menu is vulnerable to stored XSS. Only the users Poweruser and Admin can use this function which is available at the URL https://$SCANNER/cgi/admin.cgi?-rdisclaimer+-apre The stored Javascript payload will be executed every time the ScanWizard is loaded, even in the Kiosk-mode browser.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-47947">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>5ffff2d21aa74e70384e62daeca48dd1</td>
+       <td>CVE-2024-36498</td>
+       <td>2024-12-12 13:15:10 <img src="imgs/new.gif" /></td>
+       <td>Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "Edit Disclaimer Text" function of the configuration menu is vulnerable to stored XSS. Only the users Poweruser and Admin can use this function which is available at the URL https://$SCANNER/cgi/admin.cgi?-rdisclaimer+-apre The stored Javascript payload will be executed every time the ScanWizard is loaded, even in the Kiosk-mode browser. Version 7.40 implemented a fix, but it could be bypassed via URL-encoding the Javascript payload again.</td>
+       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-36498">详情</a></td>
+      </tr>
+
       <tr>
        <td>db248c0aad583cee4771e463a3dbd3a1</td>
        <td>CVE-2024-12325</td>
@@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-45709">详情</a></td>
       </tr>
 
-      <tr>
-       <td>5900fb8f4b4e64597d05d10d9a72a9ec</td>
-       <td>CVE-2023-48277</td>
-       <td>2024-12-09 11:39:26</td>
-       <td>Missing Authorization vulnerability in SuperPWA Super Progressive Web Apps allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Progressive Web Apps: from n/a through 2.2.21.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-48277">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>5da1046edb0b166a7fbf96bb10d413ae</td>
-       <td>CVE-2024-54227</td>
-       <td>2024-12-09 11:32:29</td>
-       <td>Missing Authorization vulnerability in theDotstore Minimum and Maximum Quantity for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through 2.0.0.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54227">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>b43a5c02440ae82e08383fb5ffd1bd22</td>
-       <td>CVE-2024-54251</td>
-       <td>2024-12-09 11:32:28</td>
-       <td>Missing Authorization vulnerability in Prodigy Commerce Prodigy Commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through 3.0.9.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54251">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>319bee83b9dfd18ddcfc441ebaf5c51d</td>
-       <td>CVE-2024-54224</td>
-       <td>2024-12-09 11:32:15</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows DOM-Based XSS.This issue affects ElementsReady Addons for Elementor: from n/a through 6.4.7.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54224">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>e76fbdd1be06e0c8dc5835932b2d88a2</td>
-       <td>CVE-2024-54228</td>
-       <td>2024-12-09 11:32:14</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebOccult Technologies Pvt Ltd Wot Elementor Widgets allows DOM-Based XSS.This issue affects Wot Elementor Widgets: from n/a through 1.0.1.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54228">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>b1030cbc424aed75b916d97c39f308ca</td>
-       <td>CVE-2024-54230</td>
-       <td>2024-12-09 11:32:13</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPRealizer Unlock Addons for Elementor allows DOM-Based XSS.This issue affects Unlock Addons for Elementor: from n/a through 1.0.0.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54230">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>b93f7b6d9803cc219ae147c3a74a68a7</td>
-       <td>CVE-2024-54232</td>
-       <td>2024-12-09 11:32:12</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rrdevs RRAddons for Elementor allows Stored XSS.This issue affects RRAddons for Elementor: from n/a through 1.1.0.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54232">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>fc39563782d7fd868726cc1c16b6052d</td>
-       <td>CVE-2024-54260</td>
-       <td>2024-12-09 11:32:11</td>
-       <td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlazeThemes News Kit Elementor Addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through 1.2.2.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54260">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>d4ede3ecb17bbf09d397002365a6bbb4</td>
-       <td>CVE-2024-54226</td>
-       <td>2024-12-09 11:32:08</td>
-       <td>Cross-Site Request Forgery (CSRF) vulnerability in Karl Kiesinger Country Blocker allows Stored XSS.This issue affects Country Blocker: from n/a through 3.2.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54226">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>ec7c9173dc2c4fc7fdb029f521dc93ec</td>
-       <td>CVE-2024-54255</td>
-       <td>2024-12-09 11:32:02</td>
-       <td>URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget With Shortcode allows Phishing.This issue affects Login Widget With Shortcode: from n/a through 6.1.2.</td>
-       <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-54255">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>