Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Nov 7, 2024
1 parent bef84ed commit 7c6f83a
Show file tree
Hide file tree
Showing 3 changed files with 146 additions and 131 deletions.
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -179,3 +179,18 @@ f04eb399d441b28e0a8192ee0f1ad516
ab36d244af4387219e9c6f811938202d
47ff0acd04a97a27d04601f08b997a79
6487e1d081f68a24ce7f7ee2900a729e
6eecf9290f006d73f6872b44a60bac83
65babc98233df7a5a279a395f40de199
17e656bb4adcb6d1c815ce12a5d0ca6b
c91b44ccf52b46ef6254ff53c624aacf
63d926e0626c0faa69a276f487dc8b75
93f7a0e87bd5533aef370944f4ee089f
f0d579773e063514040562e9047d265b
b49109b9a89b175abf595ee9f13e4ec8
a8177896b178ffa7cc13ec2007a20b45
a332189dc30384eed69f548a24bc90e7
62c28521a2119a71ecd1cf3e4b7b53bd
df74ac68f988683d5709a66b84b6eef8
7f77d2c24c25c07af3cacdf2be2ba998
e9059be0750a8fd28c860d2d1058957f
2b3b71276458a7639bb566d688b7bf10
Binary file modified data/cves.db
View file
Binary file not shown.
262 changes: 131 additions & 131 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-11-06 18:31:10 -->
<!-- RELEASE TIME : 2024-11-07 03:29:09 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -366,79 +366,79 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>7e833bfdec883c8cf8d52a82ecf68980</td>
<td>CVE-2024-10841</td>
<td>2024-11-05 14:15:14 <img src="imgs/new.gif" /></td>
<td>2024-11-05 14:15:14</td>
<td>A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. Affected by this vulnerability is an unknown functionality of the file /Proses_Kirim.php of the component Mail Handler. The manipulation of the argument Name leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10841">详情</a></td>
</tr>

<tr>
<td>4ba2b84ef0b64b1954b0607f61f3aea0</td>
<td>CVE-2024-10329</td>
<td>2024-11-05 14:15:13 <img src="imgs/new.gif" /></td>
<td>2024-11-05 14:15:13</td>
<td>The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the contents of templates that are private.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10329">详情</a></td>
</tr>

<tr>
<td>9882d51db8c92a726352b9fd5352d96f</td>
<td>CVE-2024-10840</td>
<td>2024-11-05 13:15:03 <img src="imgs/new.gif" /></td>
<td>2024-11-05 13:15:03</td>
<td>A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akun_edit.php of the component Backend. The manipulation of the argument kode leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10840">详情</a></td>
</tr>

<tr>
<td>25aec05218dd0e773f9d575d60adbcf3</td>
<td>CVE-2024-51530</td>
<td>2024-11-05 12:15:15 <img src="imgs/new.gif" /></td>
<td>2024-11-05 12:15:15</td>
<td>LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51530">详情</a></td>
</tr>

<tr>
<td>c7e806e9344a229564f69eb4a156e7c5</td>
<td>CVE-2024-51529</td>
<td>2024-11-05 12:15:15 <img src="imgs/new.gif" /></td>
<td>2024-11-05 12:15:15</td>
<td>Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-51529">详情</a></td>
</tr>

<tr>
<td>e96c2921e5851c6ff4287b455eba856f</td>
<td>CVE-2024-9867</td>
<td>2024-11-05 11:32:21 <img src="imgs/new.gif" /></td>
<td>2024-11-05 11:32:21</td>
<td>The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget' marker_content parameter in all versions up to, and including, 5.10.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9867">详情</a></td>
</tr>

<tr>
<td>c5bdf05ad6b223d58c15554b5b900614</td>
<td>CVE-2024-9178</td>
<td>2024-11-05 11:15:04 <img src="imgs/new.gif" /></td>
<td>2024-11-05 11:15:04</td>
<td>The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9178">详情</a></td>
</tr>

<tr>
<td>42b5603d5c507a4e0591190b86aea859</td>
<td>CVE-2024-10319</td>
<td>2024-11-05 11:15:03 <img src="imgs/new.gif" /></td>
<td>2024-11-05 11:15:03</td>
<td>The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets/content-toggle/layout/frontend.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10319">详情</a></td>
</tr>

<tr>
<td>a2acb85d537b54e9a154af5c37d0bbd7</td>
<td>CVE-2024-9878</td>
<td>2024-11-05 10:21:16 <img src="imgs/new.gif" /></td>
<td>2024-11-05 10:21:16</td>
<td>The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-9878">详情</a></td>
</tr>

<tr>
<td>f51109ac522781210818fb5e9db5924d</td>
<td>CVE-2024-7429</td>
<td>2024-11-05 10:21:16 <img src="imgs/new.gif" /></td>
<td>2024-11-05 10:21:16</td>
<td>The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and including, 7.3.12. This makes it possible for authenticated attackers, with Contributor-level access and above, to reset the plugin's settings.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-7429">详情</a></td>
</tr>
Expand Down Expand Up @@ -1979,6 +1979,126 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>6eecf9290f006d73f6872b44a60bac83</td>
<td>CVE-2024-6449</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>HyperView Geoportal Toolkit脚本执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104474">详情</a></td>
</tr>

<tr>
<td>65babc98233df7a5a279a395f40de199</td>
<td>CVE-2024-7269</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>ConnX ESP HR Management存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104473">详情</a></td>
</tr>

<tr>
<td>17e656bb4adcb6d1c815ce12a5d0ca6b</td>
<td></td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Zohocorp ManageEngine Password Manager Pro及ManageEngine PAM360 SQL注入漏洞(CVE-2024-</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104472">详情</a></td>
</tr>

<tr>
<td>c91b44ccf52b46ef6254ff53c624aacf</td>
<td>CVE-2023-26324</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Xiaomi GetApps代码执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104471">详情</a></td>
</tr>

<tr>
<td>63d926e0626c0faa69a276f487dc8b75</td>
<td>CVE-2024-20289</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Cisco NX-OS Software任意命令执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104470">详情</a></td>
</tr>

<tr>
<td>93f7a0e87bd5533aef370944f4ee089f</td>
<td>CVE-2024-8195</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>WordPress插件Permalink Manager Lite未授权访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104469">详情</a></td>
</tr>

<tr>
<td>f0d579773e063514040562e9047d265b</td>
<td>CVE-2024-42698</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Roughly Enough Items输入验证漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104468">详情</a></td>
</tr>

<tr>
<td>b49109b9a89b175abf595ee9f13e4ec8</td>
<td>CVE-2024-20413</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Cisco NX-OS Software权限提升漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104467">详情</a></td>
</tr>

<tr>
<td>a8177896b178ffa7cc13ec2007a20b45</td>
<td>CVE-2024-41564</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>EMI验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104466">详情</a></td>
</tr>

<tr>
<td>a332189dc30384eed69f548a24bc90e7</td>
<td>CVE-2024-10561</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Codezips Pet Shop Management System SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104465">详情</a></td>
</tr>

<tr>
<td>62c28521a2119a71ecd1cf3e4b7b53bd</td>
<td>CVE-2024-20446</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Cisco NX-OS Software拒绝服务漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104464">详情</a></td>
</tr>

<tr>
<td>df74ac68f988683d5709a66b84b6eef8</td>
<td>CVE-2024-45346</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>XiaomiGetApps代码执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104463">详情</a></td>
</tr>

<tr>
<td>7f77d2c24c25c07af3cacdf2be2ba998</td>
<td>CVE-2024-4554</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>OpenText NetIQ Access Manager输入验证漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104462">详情</a></td>
</tr>

<tr>
<td>e9059be0750a8fd28c860d2d1058957f</td>
<td>CVE-2024-20279</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>Cisco Application Policy Infrastructure Controller访问控制错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104461">详情</a></td>
</tr>

<tr>
<td>2b3b71276458a7639bb566d688b7bf10</td>
<td>CVE-2024-6450</td>
<td>2024-11-07 03:26:58 <img src="imgs/new.gif" /></td>
<td>HyperView Geoportal Toolkit反射型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104460">详情</a></td>
</tr>

<tr>
<td>2bc12f861e6b33dd371a090afa6902d9</td>
<td>CVE-2024-49685</td>
Expand Down Expand Up @@ -2099,126 +2219,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104433">详情</a></td>
</tr>

<tr>
<td>e0ad1dd41272498e277db515cd03864a</td>
<td>CVE-2024-7493</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>WordPress WPCOM Member Plugin权限提升漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104277">详情</a></td>
</tr>

<tr>
<td>425c7aa6b4f4402c6e08bf9c8c5f9d1c</td>
<td>CVE-2024-8317</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>WordPress WP AdCenter – Ad Manager &amp; Adsense Ads Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104276">详情</a></td>
</tr>

<tr>
<td>36db6cdfec04418884ff9a54618d39f0</td>
<td>CVE-2024-7599</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>WordPress Advanced Sermons Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104275">详情</a></td>
</tr>

<tr>
<td>5f0384a7f5efc50b4173b90755aab0d7</td>
<td>CVE-2024-45589</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>Identity Automation RapidIdentity身份认证次数限制错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104274">详情</a></td>
</tr>

<tr>
<td>5300c71522b4143a22fdf922d7f1403a</td>
<td>CVE-2024-44408</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>D-Link DIR-823G信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104273">详情</a></td>
</tr>

<tr>
<td>52b430005740d5c9dcb84f19d08f6715</td>
<td>CVE-2023-47563</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>QNAP Systems Video Station操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104272">详情</a></td>
</tr>

<tr>
<td>f53b7d25786cf8314b49f743ff02c8ca</td>
<td>CVE-2024-7611</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>WordPress Enter Addons Plugin跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104271">详情</a></td>
</tr>

<tr>
<td>159a6fbf9c7520dea415b8e80f808348</td>
<td>CVE-2023-34979</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QTS和QuTS hero操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104270">详情</a></td>
</tr>

<tr>
<td>7dfc0a8e8dbccd93c22d7fc4137f87e8</td>
<td>CVE-2023-34974</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QTS和QuTS hero操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104269">详情</a></td>
</tr>

<tr>
<td>221131268c37757abe0852132a77621b</td>
<td>CVE-2022-27592</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QVR Smart Client未引用搜索路径或元素漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104268">详情</a></td>
</tr>

<tr>
<td>70f137a10024c09521c74411d7740bc0</td>
<td>CVE-2024-45758</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>H2O.ai H2O不受信数据反序列化漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104267">详情</a></td>
</tr>

<tr>
<td>dc9e43ff5e0acfcd20356a687ef94147</td>
<td>CVE-2023-50360</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>QNAP Systems Video Station SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104266">详情</a></td>
</tr>

<tr>
<td>7ebc028bb1f3d5657639851d2b95167a</td>
<td>CVE-2023-50366</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QTS和QuTS hero跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104265">详情</a></td>
</tr>

<tr>
<td>42c4e2518c58fe647519d8767958596d</td>
<td>CVE-2024-45097</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>IBM Aspera Faspex解释冲突漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104264">详情</a></td>
</tr>

<tr>
<td>a6d1f4fb1d75743cfff3575d3ff49e69</td>
<td>CVE-2024-7349</td>
<td>2024-11-05 09:22:16 <img src="imgs/new.gif" /></td>
<td>WordPress LifterLMS Plugin SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/104263">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit 7c6f83a

Please sign in to comment.