Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Sep 18, 2023
1 parent 1d2c221 commit 61cac31
Show file tree
Hide file tree
Showing 3 changed files with 83 additions and 73 deletions.
10 changes: 10 additions & 0 deletions cache/NVD.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -181,3 +181,13 @@ d4b3d6114a20ff6ba8c50b281a8651f7
46544730acae18e7747bd7df6cf82919
447e34497695f62525b42260ed653ddc
b0bff8acbfc8b4e4e556cddb12cca1b1
b312e222e5efd3414cd3a8abe94ab6bc
56980fa910a888df15e2779dc1e99b4e
5f58f41ffc21ccc1c1ae15c898cd7e74
540acb5cffec146903bd455b2b17608f
4a88501a6af84d42db17d4c27d44fd67
c63ed8a05c1ab72186ab0d8302f1b543
f5e8b25a690af8e44a3730d76450451b
992df98d14c1f6653f34e5327f03c77e
244b43e2362cb17726541b027548feb8
7c1f5e1b9d461277f697f2c39a7601b2
Binary file modified data/cves.db
View file
Binary file not shown.
146 changes: 73 additions & 73 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2023-09-18 07:22:07 -->
<!-- RELEASE TIME : 2023-09-18 10:29:06 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -2243,6 +2243,38 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3255">详情</a></td>
</tr>

<tr>
<td>c63ed8a05c1ab72186ab0d8302f1b543</td>
<td>CVE-2023-29183</td>
<td>2023-09-13 13:15:08 </td>
<td>An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29183">详情</a></td>
</tr>

<tr>
<td>992df98d14c1f6653f34e5327f03c77e</td>
<td>CVE-2023-27998</td>
<td>2023-09-13 13:15:08 </td>
<td>A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27998">详情</a></td>
</tr>

<tr>
<td>540acb5cffec146903bd455b2b17608f</td>
<td>CVE-2023-29306</td>
<td>2023-09-13 09:15:15 </td>
<td>Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29306">详情</a></td>
</tr>

<tr>
<td>4a88501a6af84d42db17d4c27d44fd67</td>
<td>CVE-2023-29305</td>
<td>2023-09-13 09:15:15 </td>
<td>Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29305">详情</a></td>
</tr>

<tr>
<td>52111c8632e4ec561c38e328a922251e</td>
<td>CVE-2023-33136</td>
Expand All @@ -2251,6 +2283,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-33136">详情</a></td>
</tr>

<tr>
<td>56980fa910a888df15e2779dc1e99b4e</td>
<td>CVE-2023-29463</td>
<td>2023-09-12 17:15:09 </td>
<td>The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and does not require authentication. If exploited, a malicious user could potentially retrieve other application users&acirc;&euro;&trade; session data and or log users out of their session.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29463">详情</a></td>
</tr>

<tr>
<td>5f58f41ffc21ccc1c1ae15c898cd7e74</td>
<td>CVE-2023-29332</td>
<td>2023-09-12 17:15:08 </td>
<td>Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29332">详情</a></td>
</tr>

<tr>
<td>ed65bc8594926fc00870198104820a56</td>
<td>CVE-2023-34470</td>
Expand Down Expand Up @@ -2283,6 +2331,14 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4913">详情</a></td>
</tr>

<tr>
<td>7c1f5e1b9d461277f697f2c39a7601b2</td>
<td>CVE-2023-27169</td>
<td>2023-09-12 12:15:07 </td>
<td>Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27169">详情</a></td>
</tr>

<tr>
<td>eca89a774753d5abb1f89d39326c67be</td>
<td>CVE-2023-4887</td>
Expand Down Expand Up @@ -2339,6 +2395,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4881">详情</a></td>
</tr>

<tr>
<td>b312e222e5efd3414cd3a8abe94ab6bc</td>
<td>CVE-2023-30058</td>
<td>2023-09-11 16:15:07 </td>
<td>novel-plus 3.6.2 is vulnerable to SQL Injection.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-30058">详情</a></td>
</tr>

<tr>
<td>244b43e2362cb17726541b027548feb8</td>
<td>CVE-2023-27470</td>
<td>2023-09-11 15:15:52 </td>
<td>BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-27470">详情</a></td>
</tr>

<tr>
<td>c2bf618fc8f19c88451514c8c251aecf</td>
<td>CVE-2023-4873</td>
Expand Down Expand Up @@ -2395,78 +2467,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4869">详情</a></td>
</tr>

<tr>
<td>3aff0bb444fb14691f48442e5d846153</td>
<td>CVE-2023-4868</td>
<td>2023-09-10 01:15:07 </td>
<td>A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239353 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4868">详情</a></td>
</tr>

<tr>
<td>837638b02e53d28c647abdb7488a256d</td>
<td>CVE-2023-4875</td>
<td>2023-09-09 15:15:35 </td>
<td>Null pointer dereference when composing from a specially crafted draft message in Mutt &gt;1.5.2 &lt;2.2.12</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4875">详情</a></td>
</tr>

<tr>
<td>a4ff7dd14c1442b04c30ee1e942fa61e</td>
<td>CVE-2023-4874</td>
<td>2023-09-09 15:15:34 </td>
<td>Null pointer dereference when viewing a specially crafted email in Mutt &gt;1.5.2 &lt;2.2.12</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4874">详情</a></td>
</tr>

<tr>
<td>3ff8a49b00a55b47ca7716e31a963a94</td>
<td>CVE-2023-4848</td>
<td>2023-09-09 10:15:07 </td>
<td>A vulnerability classified as critical was found in SourceCodester Simple Book Catalog App 1.0. Affected by this vulnerability is an unknown functionality of the file delete_book.php. The manipulation of the argument delete leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239257 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4848">详情</a></td>
</tr>

<tr>
<td>e59acf79ecb4206dcfd6b865a014d9f9</td>
<td>CVE-2023-4847</td>
<td>2023-09-09 08:15:07 </td>
<td>A vulnerability classified as problematic has been found in SourceCodester Simple Book Catalog App 1.0. Affected is an unknown function of the component Update Book Form. The manipulation of the argument book_title/book_author leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239256.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4847">详情</a></td>
</tr>

<tr>
<td>65f7a1d63bc7b89a3525598825bf0470</td>
<td>CVE-2023-4846</td>
<td>2023-09-09 08:15:07 </td>
<td>A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been rated as critical. This issue affects some unknown processing of the file delete_member.php. The manipulation of the argument mem_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239255.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4846">详情</a></td>
</tr>

<tr>
<td>4bb11a54a9622af003b091644b566cdb</td>
<td>CVE-2023-4845</td>
<td>2023-09-09 07:15:50 </td>
<td>A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file account_edit_query.php. The manipulation of the argument admin_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239254 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4845">详情</a></td>
</tr>

<tr>
<td>289bc2fc048cb2e5977955eae1cf6f82</td>
<td>CVE-2023-4844</td>
<td>2023-09-08 22:15:12 </td>
<td>A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been classified as critical. This affects an unknown part of the file club_edit_query.php. The manipulation of the argument club_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239253 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-4844">详情</a></td>
</tr>

<tr>
<td>447e34497695f62525b42260ed653ddc</td>
<td>CVE-2023-32332</td>
<td>2023-09-08 20:15:14 </td>
<td>IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 255072.</td>
<td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-32332">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit 61cac31

Please sign in to comment.