Updated by Github Bot

EXP-Tools · Dec 12, 2024 · 91cbd83 · 91cbd83
1 parent b44356b
commit 91cbd83
Show file tree

Hide file tree

Showing 3 changed files with 101 additions and 86 deletions.
diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat
@@ -120,3 +120,18 @@ e52b98ef7414c088b7cd36a5c97db314
 22c953925bbb435f84dad07c780bd0de
 d94fbccd3fc942f27f00a3b4dc5faa1a
 092ba82551c3144c64d385e618425922
+5d4ade526c576460b3b8e9b3c3081c25
+99fca2fb798f1dec33e36b789d00f45a
+4c02af3276ee522c6c50e62a833442ba
+9ba9c4794493f8e66e63889101836f20
+214ee266ec82a91d7ea5c2895f0fc172
+96704092af18f55242e4b8fe90f9de63
+f3a18770b88049f642e7dbad2bca9fca
+4d5a435a5645bd93e32090dc710e6c75
+c9a8de504c56c5190f996364b71ae407
+58792cb52cbef47c71cf885a93acfcb9
+d7318842761dce59ea9d2b3a12e23c26
+fa4ca8977b7be6676251cfbace5ed686
+dad092fe218e1c3d6fefc1b1ff714818
+1e545a4bd7d99efb7179fde7d0d771c1
+2e3d3413548e26a324dff12e563740f0
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-12-11 15:27:43 -->
+<!-- RELEASE TIME : 2024-12-12 03:38:44 -->
 <html lang="zh-cn">
 
  <head>
@@ -366,79 +366,79 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       <tr>
        <td>d2e43fa313aa415391b77d249328ab28</td>
        <td>CVE-2024-52538</td>
-       <td>2024-12-10 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 11:15:07</td>
        <td>Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Script injection.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-52538">详情</a></td>
       </tr>
 
       <tr>
        <td>c6e1f9f98ac196ca51e8071c0169b9de</td>
        <td>CVE-2024-47977</td>
-       <td>2024-12-10 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 11:15:07</td>
        <td>Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-47977">详情</a></td>
       </tr>
 
       <tr>
        <td>9b79e4358afdef94b4266d3358a87026</td>
        <td>CVE-2024-47484</td>
-       <td>2024-12-10 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 11:15:07</td>
        <td>Dell Avamar, version(s) 19.9, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-47484">详情</a></td>
       </tr>
 
       <tr>
        <td>eceb8ef6b1c50bd1896800d51828bde0</td>
        <td>CVE-2024-11928</td>
-       <td>2024-12-10 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 11:15:07</td>
        <td>The iChart – Easy Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11928">详情</a></td>
       </tr>
 
       <tr>
        <td>4a305bc5b5943d641fa4718317dd7462</td>
        <td>CVE-2024-11106</td>
-       <td>2024-12-10 11:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 11:15:07</td>
        <td>The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to higher-level roles such as administrator.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11106">详情</a></td>
       </tr>
 
       <tr>
        <td>13cfc31ef5a2cca8f805cf306841c9bf</td>
        <td>CVE-2024-10959</td>
-       <td>2024-12-10 11:15:05 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 11:15:05</td>
        <td>The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable to arbitrary shortcode execution via woot_get_smth AJAX action in all versions up to, and including, 1.0.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-10959">详情</a></td>
       </tr>
 
       <tr>
        <td>d3b8cbe49b15187fa474d7d5946de88b</td>
        <td>CVE-2024-11973</td>
-       <td>2024-12-10 10:15:06 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 10:15:06</td>
        <td>The Quran multilanguage Text & Audio plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sourate' and 'lang' parameter in all versions up to, and including, 2.3.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11973">详情</a></td>
       </tr>
 
       <tr>
        <td>5d1a7a39267d3ea7490c70cca06c5c59</td>
        <td>CVE-2024-11945</td>
-       <td>2024-12-10 10:15:04 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 10:15:04</td>
        <td>The Email Reminders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-11945">详情</a></td>
       </tr>
 
       <tr>
        <td>86c91b9f953dddacd513b420b2cf4df7</td>
        <td>CVE-2024-8256</td>
-       <td>2024-12-10 09:15:06 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 09:15:06</td>
        <td>In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 (excluding) and TSWOS devices running on versions 1.0 to 1.3 (excluding), due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources via the API.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-8256">详情</a></td>
       </tr>
 
       <tr>
        <td>213b18d34daa327137d4dd1a4b4228f7</td>
        <td>CVE-2024-45709</td>
-       <td>2024-12-10 09:15:06 <img src="imgs/new.gif" /></td>
+       <td>2024-12-10 09:15:06</td>
        <td>SolarWinds Web Help Desk was susceptible to a local file read vulnerability. This vulnerability requires the software be installed on Linux and configured to use non-default development/test mode making exposure to the vulnerability very limited.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-45709">详情</a></td>
       </tr>
@@ -2108,123 +2108,123 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       </tr>
 
       <tr>
-       <td>c8945c3e54dd668b1444e0320fce9c21</td>
-       <td>CVE-2024-12053</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Edge (Chromium-based)类型混淆漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107834">详情</a></td>
+       <td>5d4ade526c576460b3b8e9b3c3081c25</td>
+       <td>CVE-2024-9956</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>Google Chrome权限提升漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107948">详情</a></td>
       </tr>
 
       <tr>
-       <td>6e4d606652205d82863ee2d868adb868</td>
-       <td>CVE-2024-49126</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Local Security Authority Subsystem远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107833">详情</a></td>
+       <td>99fca2fb798f1dec33e36b789d00f45a</td>
+       <td>CVE-2024-48783</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>Ruijie Networks NBR3000D-E信息泄露漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107947">详情</a></td>
       </tr>
 
       <tr>
-       <td>8fbced53fcc7e8f177f049f43223e3c1</td>
-       <td>CVE-2024-49129</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Remote Desktop Gateway (RD Gateway)拒绝服务漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107832">详情</a></td>
+       <td>4c02af3276ee522c6c50e62a833442ba</td>
+       <td>CVE-2024-48782</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>clark DYCMS文件上传漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107946">详情</a></td>
       </tr>
 
       <tr>
-       <td>fdef099d1f518d77c61482b695ce0665</td>
-       <td>CVE-2024-49123</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Remote Desktop Services远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107831">详情</a></td>
+       <td>9ba9c4794493f8e66e63889101836f20</td>
+       <td>CVE-2024-48781</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WonderShare WonderShare Yitu任意代码执行漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107945">详情</a></td>
       </tr>
 
       <tr>
-       <td>2b1e52669a85821f5f775c05246b782f</td>
-       <td></td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Office纵深防御更新漏洞（ADV240002）</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107830">详情</a></td>
+       <td>214ee266ec82a91d7ea5c2895f0fc172</td>
+       <td>CVE-2016-15041</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WordPress plugin MainWP Dashboard跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107944">详情</a></td>
       </tr>
 
       <tr>
-       <td>90e3916344be33dbb62061fe3487cf2d</td>
-       <td>CVE-2024-49124</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Lightweight Directory Access Protocol远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107829">详情</a></td>
+       <td>96704092af18f55242e4b8fe90f9de63</td>
+       <td>CVE-2024-31955</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>SAMSUNG代码绕过漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107943">详情</a></td>
       </tr>
 
       <tr>
-       <td>26dc7b6b7a771a84b11e77319fcb6c29</td>
-       <td>CVE-2024-49125</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Routing and Remote Access Service远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107828">详情</a></td>
+       <td>f3a18770b88049f642e7dbad2bca9fca</td>
+       <td>CVE-2024-21286</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>Oracle PeopleSoft命令执行漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107942">详情</a></td>
       </tr>
 
       <tr>
-       <td>3567a4c33bd34422f928a93faf81fb74</td>
-       <td>CVE-2024-49127</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Lightweight Directory Access Protocol远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107827">详情</a></td>
+       <td>4d5a435a5645bd93e32090dc710e6c75</td>
+       <td></td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WordPress plugin GiveWP – Donation Plugin and Fundraising Platform PHP对象注入漏洞（CVE</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107941">详情</a></td>
       </tr>
 
       <tr>
-       <td>5b8faec2dd5c51b8a2621ed764227fb8</td>
-       <td>CVE-2024-49132</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Remote Desktop Services远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107826">详情</a></td>
+       <td>c9a8de504c56c5190f996364b71ae407</td>
+       <td>CVE-2024-48714</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>TP-LINK TL-WDR7660堆栈溢出漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107940">详情</a></td>
       </tr>
 
       <tr>
-       <td>42834ec17e38342914785b3b0a3730d5</td>
-       <td>CVE-2024-49128</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Remote Desktop Services远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107825">详情</a></td>
+       <td>58792cb52cbef47c71cf885a93acfcb9</td>
+       <td>CVE-2024-9647</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WordPress plugin Kama SpamBlock跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107939">详情</a></td>
       </tr>
 
       <tr>
-       <td>dfcef74a69a0f1bc0f274f7825b8776f</td>
-       <td>CVE-2024-49142</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Access远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107824">详情</a></td>
+       <td>d7318842761dce59ea9d2b3a12e23c26</td>
+       <td>CVE-2024-48411</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>itsourcecode Online Tours and Travels Management System SQL注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107938">详情</a></td>
       </tr>
 
       <tr>
-       <td>ec42a985cd3398a8bc8513e6aaa00abd</td>
-       <td>CVE-2024-49138</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Common Log File System Driver权限提升漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107823">详情</a></td>
+       <td>fa4ca8977b7be6676251cfbace5ed686</td>
+       <td>CVE-2024-9652</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WordPress plugin Locatoraid Store Locator跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107937">详情</a></td>
       </tr>
 
       <tr>
-       <td>ed4169fce5e68a34e7db632f744fe558</td>
-       <td>CVE-2024-49122</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Message Queuing (MSMQ)远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107822">详情</a></td>
+       <td>dad092fe218e1c3d6fefc1b1ff714818</td>
+       <td>CVE-2024-41311</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>struktur libheif越界读写漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107936">详情</a></td>
       </tr>
 
       <tr>
-       <td>a1395cac8a790317301524d0a96d979e</td>
-       <td>CVE-2024-49121</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Lightweight Directory Access Protocol拒绝服务漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107821">详情</a></td>
+       <td>1e545a4bd7d99efb7179fde7d0d771c1</td>
+       <td>CVE-2017-20192</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WordPress plugin Formidable Form Builder存储型跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107935">详情</a></td>
       </tr>
 
       <tr>
-       <td>9d125405614c76577a42301531845c77</td>
-       <td>CVE-2024-49086</td>
-       <td>2024-12-11 03:35:57 <img src="imgs/new.gif" /></td>
-       <td>Microsoft Windows Routing and Remote Access Service远程代码执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107820">详情</a></td>
+       <td>2e3d3413548e26a324dff12e563740f0</td>
+       <td>CVE-2024-9888</td>
+       <td>2024-12-11 03:36:38 <img src="imgs/new.gif" /></td>
+       <td>WordPress plugin ElementInvader Addons for Elementor跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/107934">详情</a></td>
       </tr>
 
      </tbody>