From 52bab3fe8d29a0366f306ce5913d3530be491b4f Mon Sep 17 00:00:00 2001 From: Github-Bot Date: Thu, 2 Jan 2025 06:32:38 +0000 Subject: [PATCH] Updated by Github Bot --- cache/Tenable (Nessus).dat | 4 +++ data/cves.db | Bin 50716672 -> 50720768 bytes docs/index.html | 66 ++++++++++++++++++------------------- 3 files changed, 37 insertions(+), 33 deletions(-) diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index 0956d3e2963..ab1dfe4620c 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -175,3 +175,7 @@ f10ab1c4583f1ef8ae9cccb6b2c77ec8 e4df652ba160c5b0ad5e5a082b90e546 a3b73d5aa86921b64b39ed126c0d9be9 d8d42997602769499342c9bd95f9de6e +aede7fe13f06f706a298a45f5e0b2725 +e260a21f3fe53cdce8d2071fb94fe84f +19275921bfa6af21968f16e303f0d7ae +915f75bdc6c11912a00271d3340a0d20 
diff --git a/data/cves.db b/data/cves.db index 84ac1e8ad3fbb0cfeccc3f88b17111f10f6deb2f..02988bcead4691e742838f8be0b73ef49426fd4f 100644 GIT binary patch delta 3913 zcmcK6XLMB68pd&ELg-aRK~M(^C>ofVB$EUbL@6quNKiqPJVSDZ1VR#$&}`I4MMSYi zv5eTUgCdGb5gS-QKt-{D9k64s_Yd6br~BpJb?=AYT4$eq_TKM)_q*3R(^l5Cowl{E z?Y#DxL+aIw7F`wT6&f;KR>%rl8CHEO(`sNfv>I8BttM7etC`i@YGJjsT3M~FeXM=0 z{j4_D{?-9jTdSRQpw-^$U>#%~Y#m}ntd7>9)?wD+))7`GtFv{ab(Gb`I@&tM%Cfpz z-K?k;v*K2^m1E^v2`kUaw+gK8RuAh~>o}{Y)yq2G>TR81ooMy3`da<0{?$<`^> z0BfK%$U4)-Y?hb+$FaI>$QK8fg_-tgE?>r!jBb(uBCy4;#;U142m&9knuuC}hRuC=bSuD9x}8>}0x`PNO=&DJf} ztybE)&01jHZrx$sY29VrZQWztYb~_yv+lPZupYD?vL3b`u@+g2tw*iLtR>dt)>7*U z>q%>w^_2Cr^^CRLT4AlUR$0$ltF7m(=dBm47p<49HP%||W$P8|RqHitoweS2-P&Mn zv^H69SZ`WyS(~l5t#_;~*1Ohw*8A26)>dnq^`Z5V^|AGd^{Mrl^|`g(+F|XqzOcTu zzOufyzOlZwzO!~&-&;ReKUzOoKU=?8zgoXpzgvG;e_DUdR%ot52qOdak%6P zCTNOgXpRF0}jH$I0O-N#GyD0hvNuzLT4O_qtFFM z;}~S2E4m?y7~;rA4sww|9`aFu?&yJIaU6Q07mi17oPZP22Yt~G{c#db#wi$pff$5S zaT*5WbPPcuhT;sIiL)>a!*Mo7;2fNbkto9M{3kIA#VA356h@;IWf+68D91Qdpb}LW zk80GQ785WLlQ0=ma30Rb1-K9wVJfC!I%Z%dX2G}^m*7&&#$}j;%P|*M;7ZKHRk#}0 z;96XV>rsara3kj9Cftl$a4XWd4GVBP?!cY63wPrl+>3>{5BK8%Jcx(zFdo4oEXJdF z3`_7hmf{IKiDh^SPvaRZ#|o^(Dm;tTcn;6w1-yutum)@KGG4)}cn#~Y9b;Bw5x6}S@fa22k`HMkbn;d<2J2Hc4GxCuAo7Tk(7 zZo>lHjyrHC?!w);2lrwj?!*0f01x6JJd8)M2#fJ39>Wqmj-_}4PhuIK!qa#L%drA0 zu?o*(HJ-!scmXfsC9J_(yo^`yDqh1ntjFuvfQ{IMH}EFj!e+dUcd!NT;yt{N53m*6 z@F70J$M^)F;xl}X?bv~x_yS+zD}0S_@GZW>E_{z4@FRZ0&-ewu;y3(`Kkz613eQ#s z*B@bIpnk?P%FMX4sL_tb^Xu*YM_$p4_J&ZX@ru^-MucaFS46%Eg>o`8qa(dzz={QB znHj~YjD6~DOgCJgnb9#E-d@)#x^!XItk!fl8I*O@%y!u`+a-f|BASfHQrW2>H@mo` zILI%FNAqH-Q3W}vAU_?Ovn$*_lAFkn7o0R9Sur{?JXu*&S{4~xnyem|EDk2rmK7(< z(+f(@54CAhTUuQ?VRUIEmPl{wR~+gzwQI7bDv~NI4=R%5f=F3Kq_#BJ(>`@~J17sv z1r@cC%G93sXH=C}CQJJ9_1`^=NJa`z>peJ99gLq4)YL|5D874|6%swb8e2h2Zi za@Tk?o|_eoWkutWXioQ7Zue;J-dNlGC&3Q?zXe;@dCPUtoSdvZS)9?!J5Jf1{^|X* zr}s}LgOVUG6~wYr(L^dQnn=bA@{>8asoWqsDxOz2zDIexskvG4cs!OfFj-MjotzTs zdvakU9*xFG+TL{2NJNt5<&~3aB7=gOn&jx9TdJ&R+}_8c>Yz9%n;2B@-rwY2)j?JH 
zl(LfJB88_999B#6q zUbD?jmbTuyWL5n=Mckl4)~t|s4BAtrjk9MqP8P&+Q+c_gN{SQ3u~?y delta 2925 zcmWmGRge$_6op}Smz9)mq*J=Pk&swQk>-Fj(%nlOV39^xx*J5gVQHkhq`SM@pNH?^ zzWy_3=7wGiPZGK#JjvMP!6A_%Rx&HO^@EkdN@=CCQd?=Pv{pJRy_LbrXl1f8 zTR&P^tgKcxE4!7$%4y}Ya$9+wX9#PU#;5KZ&n?vu2s*fZ#A$QT8*s6 z7JZsnO|9RpW>#~nh1Jq(Wwo~2SZ%F8taes=tAo|i>ST4cx>#MUZdP}zht<>SW%aiD zSbeR2R)1@N6>1H%23doxA(pM7)-Y?h6=sdF{P_pT9d4B zYqB-Pnrcn6rdud1 z##(Ewv({T1tc}(tYqPb*+G=gHwp$U_4r`~i%i3-2vG!W~to_!%)&c9Fb;vqw9kGsD z$E@Sl3G1YF$~tYGvCdlOtn=0d>p$zFb;-JHU9qlO*R1Q-4eO?L%ermdvF=*;tozmj z>!J0?dTc$ho?6eW=hh4BrS-~sZN0JHTJNm))(7jO^~w5deX+iVDPWWW5Qrc|MlilZ z6huWdL`Mw7#P^7W*ocF;h==${fP_ed#7KgqNQUJ20V$9YsgN3JkQV8X9vP4knUEPj zA`7x28?qw@av~RUBM$k7>c6=N}?1>qYTR8CzL~ZR6s@ij7q4C zDyWJOR6}*tKuy%bFZdO;@f+%(F6yB^8lWK>p)tPoZ-S=y9nH`jEzlCJ&>C&f7Jr}} z+M@$Hq7yo!3%a5kx}yhrq8ECj5Bj1X`eOh>F%W|=7(-wT#V`y<7)IbvjKnC6#u$vn zIE=>x{Dp~_gm6s86imf5OvenOCl9L&W$%*O&O#3C%l5-i0sEXUtifq$?PtFRht zuommE9viR`o3I&Muoc^|9TC`po!Eul*n_>;hyC~$2XGLFa2Q8$6vuEJCvXy{a2jWD z7Uyst7w{i0;u0?73a;WBuHy!7;udb>4({R}?&AR-;t?L>37+B^p5p~x;uT)w4c_7% z-s1y4;uAjO3%&+~DUkUi5J8BHV0?!th>B>4ju?oE?-2{J5eIP*5Al%z36ThikpxMR z49W2WQXnN#AvMwWJeCfQtATl~5T~P!%DlhU%z+ny7_e@GENLH`GC0)I)tVKtnV_ zV|?r11WoZfnxQ#bpe0(NHQJyp{y;mlM+bC7Cv-*^bVWCGM-TKwFZ4zq^hH1P#{h(4 zAO>MDhQJt#VHl1ujKH55iBTAhF&K++7>^0~3llL3;h2mmn2Kqbjv1JVS(uGEn2ULs zj|EtWMOcg_Sc+v>j=!-2|6nCnVKvrZE!JT@Hee$*VKcU1E4E=fBCrEHu?xGg2Yay( z`|&Rh;2;j+Fpl6Tj^Q{?;3Q7rG|u2G&fz>R;6Gf%C0xc8T*Wn9#|_-XE!@T(+{HcI z#{)dXBRs|vJjF9S#|yl~E4;=Vyu~}b#|M1GCw#^id<_g!5c5YMf)F`qn}UPpH;#Hg z+MGz=e&mRl+$RGf;#GebFeWe}*R@oE1%e~ywGIwy(jq8M + @@ -283,6 +283,38 @@

眈眈探求 | TITLE URL + + aede7fe13f06f706a298a45f5e0b2725 + CVE-2025-22214 + 2025-01-02 04:15:06 + Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection. + 详情 + + + + e260a21f3fe53cdce8d2071fb94fe84f + CVE-2024-56829 + 2025-01-02 04:15:05 + Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx. + 详情 + + + + 19275921bfa6af21968f16e303f0d7ae + CVE-2025-0168 + 2025-01-01 14:15:23 + A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 915f75bdc6c11912a00271d3340a0d20 + CVE-2024-11846 + 2025-01-01 06:15:23 + The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin + 详情 + + 3a90a772514a1e9c5b18017b660afe2a CVE-2024-56021 @@ -491,38 +523,6 @@

眈眈探求 | 详情 - - e07499f1d7af68cb81536ec240e5ad2a - CVE-2024-13028 - 2024-12-29 23:15:06 - A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. - 详情 - - - - 5cd41072d32fe793e83f8b1ed83048cb - CVE-2024-13025 - 2024-12-29 23:15:05 - A vulnerability was found in Codezips College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Front-end/faculty.php. The manipulation of the argument book_name/book_author leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. - 详情 - - - - c06e13e6f35a75502de6098c34ed930c - CVE-2024-13024 - 2024-12-29 21:15:06 - A vulnerability was found in Codezips Blood Bank Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /campaign.php. The manipulation of the argument cname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. - 详情 - - - - 9ae627d0718c86c9ff2ff9d54b822bd2 - CVE-2024-13023 - 2024-12-29 21:15:06 - A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/search-maid.php of the component Search Maid Page. The manipulation of the argument searchdata leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. - 详情 - -
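Review bot: data/cves.db is committed as a Git binary delta (50716672 -> 50720768 bytes), so the database change in this patch cannot be read or reviewed, and each bot run adds another binary delta on a roughly 50 MB file to the history. Consider committing the new records in a text form (SQL or JSON lines) and building the database from that, or shipping the database outside the commit history.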
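Review bot: In the docs/index.html hunk at @@ -283,6 +283,38 @@, the added CVE-2024-11846 entry has a description that begins "The does not sanitise and escape a parameter", with the product name missing. The generator should detect an empty product field in the upstream record and hold the entry or mark it incomplete rather than publish the broken sentence. Since these descriptions are upstream feed text written into an HTML page, please also confirm that the generator HTML-escapes them before writing docs/index.html.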
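Review bot: The docs/index.html hunk at @@ -491,38 +523,6 @@ drops the four 2024-12-29 entries (CVE-2024-13028, CVE-2024-13025, CVE-2024-13024, CVE-2024-13023) without this being documented anywhere in the patch, and the subject "Updated by Github Bot" names neither the source nor the number of entries added or removed. State the page's entry limit in the generator or on the page, and have the bot write a subject such as the feed name plus the added CVE ids, which the cache/Tenable (Nessus).dat hunk already identifies.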