diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index 0496598b8d7..821d2bb5e7e 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -178,3 +178,10 @@ d31713c5bba2cca9565efd3b10277563 ae8198a51369df4539f0f0171a3565a6 28a9251c50bb1d8159648db887674c67 24ee646e8a12601b9a98fcea3757b681 +a8856752e80eaffe72aa25cb1ae78af3 +ea4d5ae72e6fd639cc010436cf02f6a9 +b273799c52646c405cb0eafa1bf54620 +52a7371b1aa63e400f82c8bbae13f02f +8b1b3037309ba63d90f958011ee562f0 +c97e5a38c85cf77728a1393839a2b923 +7c31e66078485a056d37ade7316a60aa diff --git a/data/cves.db b/data/cves.db index 1f5ea2742b3..3fca8ac6341 100644 Binary files a/data/cves.db and b/data/cves.db differ diff --git a/docs/index.html b/docs/index.html index 6dde7fd3bf9..e1657436212 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,10 +283,66 @@

眈眈探求 | TITLE URL + + a8856752e80eaffe72aa25cb1ae78af3 + CVE-2024-12895 + 2024-12-22 14:15:04 + A vulnerability has been found in TreasureHuntGame TreasureHunt up to 963e0e0 and classified as critical. Affected by this vulnerability is the function console_log of the file TreasureHunt/checkflag.php. The manipulation of the argument problema leads to sql injection. The attack can be launched remotely. The identifier of the patch is 8bcc649abc35b7734951be084bb522a532faac4e. It is recommended to apply a patch to fix this issue. + 详情 + + + + ea4d5ae72e6fd639cc010436cf02f6a9 + CVE-2024-12894 + 2024-12-22 12:15:16 + A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up to 963e0e0. Affected is an unknown function of the file TreasureHunt/acesso.php. The manipulation of the argument usuario leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 8bcc649abc35b7734951be084bb522a532faac4e. It is recommended to apply a patch to fix this issue. + 详情 + + + + b273799c52646c405cb0eafa1bf54620 + CVE-2024-12893 + 2024-12-22 08:15:06 + A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. Affected by this issue is some unknown functionality of the file /usuarios/tipos/2 of the component Tipo de Usuário Page. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. + 详情 + + + + 52a7371b1aa63e400f82c8bbae13f02f + CVE-2024-12892 + 2024-12-22 08:15:04 + A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file /sign.php?q=account.php. The manipulation of the argument name/gender/college leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 8b1b3037309ba63d90f958011ee562f0 + CVE-2024-12891 + 2024-12-22 07:15:04 + A vulnerability classified as critical has been found in code-projects Online Exam Mastering System 1.0. Affected is an unknown function of the file /account.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + c97e5a38c85cf77728a1393839a2b923 + CVE-2024-12890 + 2024-12-22 06:15:05 + A vulnerability was found in code-projects Online Exam Mastering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /update.php?q=quiz&step=2. The manipulation of the argument eid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. + 详情 + + + + 7c31e66078485a056d37ade7316a60aa + CVE-2024-11852 + 2024-12-22 02:15:16 + The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the get_layouts() function in all versions up to, and including, 5.10.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain a detailed listing of layout templates. + 详情 + + 8d759e21a4d9967ec8236a8bcf7daa36 CVE-2024-51464 - 2024-12-21 14:15:21 + 2024-12-21 14:15:21 IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to remotely perform operations that the user is not allowed to perform when using Navigator for i. 详情 @@ -294,7 +350,7 @@

眈眈探求 | + 2024-12-21 14:15:21 IBM i 7.3, 7.4, and 7.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. 详情 @@ -302,7 +358,7 @@

眈眈探求 | + 2024-12-21 14:15:21 A vulnerability was found in Codezips E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. 详情 @@ -310,7 +366,7 @@

眈眈探求 | + 2024-12-21 13:15:05 A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /_email.php. The manipulation of the argument email leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. 详情 @@ -318,7 +374,7 @@

眈眈探求 | + 2024-12-21 12:15:20 The Easy Digital Downloads – eCommerce Payments and Subscriptions made easy plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.2 via the file download functionality. This makes it possible for authenticated attackers, with Administrator-level access and above, to read the contents of arbitrary files on the server, which can contain sensitive information. 详情 @@ -326,7 +382,7 @@

眈眈探求 | + 2024-12-21 10:15:09 The MagicPost plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wb_share_social shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. 详情 @@ -334,7 +390,7 @@

眈眈探求 | + 2024-12-21 10:15:08 The WP BASE Booking of Appointments, Services and Events plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_db function in all versions up to, and including, 4.9.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to expose sensitive information from the database, such as the hashed administrator password. 详情 @@ -342,7 +398,7 @@

眈眈探求 | + 2024-12-21 10:15:08 The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 详情 @@ -350,7 +406,7 @@

眈眈探求 | + 2024-12-21 10:15:07 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. This requires an unauthenticated user to have been given permission to view form submissions, and the form submission shortcode be added to a page. 详情 @@ -358,7 +414,7 @@

眈眈探求 | + 2024-12-21 10:15:06 The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter in all versions up to, and including, 2.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. 详情 @@ -366,7 +422,7 @@

眈眈探求 | + 2024-12-20 17:15:07 Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute arbitrary code. 详情 @@ -374,7 +430,7 @@

眈眈探求 | + 2024-12-20 16:15:24 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The mitigation for CVE-2024-50379 was incomplete. Users running Tomcat on a case insensitive file system with the default servlet write enabled (readonly initialisation parameter set to the non-default value of false) may need additional configuration to fully mitigate CVE-2024-50379 depending on which version of Java they are using with Tomcat: - running on Java 8 or Java 11: the system property sun.io.useCanonCaches must be explicitly set to false (it defaults to true) - running on Java 17: the system property sun.io.useCanonCaches, if set, must be set to false (it defaults to false) - running on Java 21 onwards: no further configuration is required (the system property and the problematic cache have been removed) Tomcat 11.0.3, 10.1.35 and 9.0.99 onwards will include checks that sun.io.useCanonCaches is set appropriately before allowing the default servlet to be write enabled on a case insensitive file system. Tomcat will also set sun.io.useCanonCaches to false by default where it can. 详情 @@ -382,7 +438,7 @@

眈眈探求 | + 2024-12-20 16:15:24 Oqtane Framework is vulnerable to Insecure Direct Object Reference (IDOR) in Oqtane.Controllers.UserController. This allows unauthorized users to access sensitive information of other users by manipulating the id parameter. 详情 @@ -390,7 +446,7 @@

眈眈探求 | + 2024-12-20 16:15:23 Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the issue, as the application relies on client-side information for authentication. 详情 @@ -398,7 +454,7 @@

眈眈探求 | + 2024-12-20 16:15:23 An IDOR (Insecure Direct Object Reference) vulnerability exists in oqtane Framework 6.0.0, allowing a logged-in user to access inbox messages of other users by manipulating the notification ID in the request URL. By changing the notification ID, an attacker can view sensitive mail details belonging to other users. 详情 @@ -406,7 +462,7 @@

眈眈探求 | + 2024-12-20 16:15:23 A server-side request forgery exists in Satellite. When a PUT HTTP request is made to /http_proxies/test_connection, when supplied with the http_proxies variable set to localhost, the attacker can fetch the localhost banner. 详情 @@ -414,7 +470,7 @@

眈眈探求 | + 2024-12-20 16:15:21 Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting), which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. This issue has been fixed in version 1.668 of DirectAdmin Evolution Skin. 详情 @@ -422,7 +478,7 @@

眈眈探求 | + 2024-12-20 15:15:09 In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack 详情 @@ -430,7 +486,7 @@

眈眈探求 | + 2024-12-20 15:15:09 In JetBrains TeamCity before 2024.12 missing Content-Type header in RemoteBuildLogController response could lead to XSS 详情 @@ -438,7 +494,7 @@

眈眈探求 | + 2024-12-20 15:15:09 In JetBrains TeamCity before 2024.12 password field value were accessible to users with view settings permission 详情 @@ -467,62 +523,6 @@

眈眈探求 | 详情 - - a612fec9d9c34061cac19ccb39256465 - CVE-2024-38819 - 2024-12-19 18:15:10 - Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running. - 详情 - - - - ecfcc9d22cb4e446c05fed6dcfb63efb - CVE-2024-12794 - 2024-12-19 18:15:09 - A vulnerability, which was classified as critical, was found in Codezips E-Commerce Site 1.0. This affects an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. - 详情 - - - - 45741a22a532811bd0cbda89884a6352 - CVE-2024-12793 - 2024-12-19 18:15:09 - A vulnerability, which was classified as problematic, has been found in PbootCMS up to 5.2.3. Affected by this issue is some unknown functionality of the file apps/home/controller/IndexController.php. The manipulation of the argument tag leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 5.2.4 is able to address this issue. It is recommended to upgrade the affected component. - 详情 - - - - a171fb73bfdc33c86ae3a19612719ee4 - CVE-2024-12792 - 2024-12-19 18:15:08 - A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. - 详情 - - - - 6c93d59c8fe4b93d71a5315b26b6eab2 - CVE-2024-12791 - 2024-12-19 18:15:08 - A vulnerability was found in Codezips E-Commerce Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file signin.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. - 详情 - - - - 43e6502c5abfce4e5f77de13ac605dc7 - CVE-2023-7005 - 2024-12-19 18:15:06 - A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through revealing the unlockKey field. - 详情 - - - - 3d34d3cb1b0f5f7a4893a019ea08a3f1 - CVE-2024-55081 - 2024-12-19 17:15:09 - An XML External Entity (XXE) injection vulnerability in the component /datagrip/upload of Chat2DB v0.3.5 allows attackers to execute arbitrary code via supplying a crafted XML input. - 详情 - - @@ -1990,7 +1990,7 @@

眈眈探求 | + 2024-12-20 09:22:26 OpenSSL内存错误引用漏洞 详情 @@ -1998,7 +1998,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Open WebUI权限管理不当漏洞 详情 @@ -2006,7 +2006,7 @@

眈眈探求 | + 2024-12-20 09:22:26 LemonLDAP::NG命令执行漏洞 详情 @@ -2014,7 +2014,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Open WebUI路径遍历漏洞 详情 @@ -2022,7 +2022,7 @@

眈眈探求 | + 2024-12-20 09:22:26 YugabyteDB信息泄露漏洞 详情 @@ -2030,7 +2030,7 @@

眈眈探求 | + 2024-12-20 09:22:26 DotNetZip目录遍历漏洞 详情 @@ -2038,7 +2038,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Ampache跨站请求伪造漏洞 详情 @@ -2046,7 +2046,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Craft CMS路径遍历漏洞 详情 @@ -2054,7 +2054,7 @@

眈眈探求 | + 2024-12-20 09:22:26 obgm libcoap拒绝服务漏洞 详情 @@ -2062,7 +2062,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Red Hat 3scale身份验证错误漏洞 详情 @@ -2070,7 +2070,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Buildah路径遍历漏洞 详情 @@ -2078,7 +2078,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Adobe Framemaker数字错误漏洞 详情 @@ -2086,7 +2086,7 @@

眈眈探求 | + 2024-12-20 09:22:26 FydeOS多款产品信息泄露漏洞 详情 @@ -2094,7 +2094,7 @@

眈眈探求 | + 2024-12-20 09:22:26 Open WebUI信息泄露漏洞 详情 @@ -2102,7 +2102,7 @@

眈眈探求 | + 2024-12-20 09:22:26 MirrorCache跨站脚本漏洞 详情