Updated by Github Bot

EXP-Tools · Apr 26, 2024 · 92761a4 · 92761a4
1 parent 407925c
commit 92761a4
Show file tree

Hide file tree

Showing 4 changed files with 106 additions and 87 deletions.
diff --git a/cache/Nsfocus.dat b/cache/Nsfocus.dat
@@ -148,3 +148,18 @@ c7d45539f7ed70cd01366f66bfc9f8b9
 42e392f592288339f51cb33f1eaf21bc
 a1ec46fcb6ef79449d1f85c80f4e456b
 6f5d25a12e9b936c12438e3cb3649b95
+2b5dba824d7a87e8579c57f05e834f39
+eb7fe5b6e8575cc8f98def69a51ce205
+d17d1e533419c6f95cf30522d2a4744c
+fbe35f4479e43ac001f81cb02f972fbb
+6ffbbc1bb2ebd11ab7500ae1b4d43677
+e1e0ad67bd472ca090b33089f1cb7289
+5b096586d2cdaacaa8c647f3edbd3cae
+d10fa09ba9a1fa5596225b05009bbcc8
+df395d07a8048d09db9744b086387267
+09001954c35190ab6d78dda3bb8fe77f
+ed0149826cecae9e42a482f1b0a5a2b9
+5aac0a4073a0d86556e878eebaaa2ae1
+849a6b866b683b0f5f0619bcaba0931c
+01f8f41fb723527ea508e14167c4b411
+df155cea924ade5f90e75daf653316cb
diff --git a/cache/RedQueen.dat b/cache/RedQueen.dat
@@ -194,3 +194,7 @@ ce35f552dfbb36551f9430a6d79c0d37
 f2dc98879c240eb40825e5c7c742a64b
 2cb6f9eaa1222a5345092564d6ff6635
 9342521a287e67aead1840e4541cc7d6
+f64c51bf0de6aa3a6e942b053a4c9d3a
+1672588bb6d2b1ec02ca9106df348f57
+b988f2d566a670054288eeb2e4ee0304
+b7bc4d67c59e6f6c0c7cc7f41b20c120
diff --git a/data/cves.db b/data/cves.db
diff --git a/docs/index.html b/docs/index.html
@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2024-04-25 23:24:03 -->
+<!-- RELEASE TIME : 2024-04-26 03:25:59 -->
 <html lang="zh-cn">
 
  <head>
@@ -286,87 +286,87 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       <tr>
        <td>e9481aacbbb9dfafb69df26298c73a28</td>
        <td>CVE-2024-20313</td>
-       <td>2024-04-24 21:15:46 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 21:15:46</td>
        <td>A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates that are processed by a device. An attacker could exploit this vulnerability by sending a malformed OSPF update to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-20313">详情</a></td>
       </tr>
 
       <tr>
        <td>a5ed40f8065258a4d99c4e2e7be059f3</td>
        <td>CVE-2023-20249</td>
-       <td>2024-04-24 21:15:46 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 21:15:46</td>
        <td>A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-20249">详情</a></td>
       </tr>
 
       <tr>
        <td>b8a713de6ca0698ed9a494397e785971</td>
        <td>CVE-2023-20248</td>
-       <td>2024-04-24 21:15:46 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 21:15:46</td>
        <td>A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-20248">详情</a></td>
       </tr>
 
       <tr>
        <td>02e8b8c195e240d84e9700369e27e27b</td>
        <td>CVE-2024-4127</td>
-       <td>2024-04-24 20:15:08 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 20:15:08</td>
        <td>A vulnerability was found in Tenda W15E 15.11.0.14. It has been classified as critical. Affected is the function guestWifiRuleRefresh. The manipulation of the argument qosGuestDownstream leads to stack-based buffer overflow. It is possible to launch the attack remotely. VDB-261870 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4127">详情</a></td>
       </tr>
 
       <tr>
        <td>9b6e1e8547160833b0e1f1a6264099b7</td>
        <td>CVE-2024-4126</td>
-       <td>2024-04-24 20:15:08 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 20:15:08</td>
        <td>A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. This issue affects the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument manualTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261869 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4126">详情</a></td>
       </tr>
 
       <tr>
        <td>18fe54b9e7126e62fd241cc628ea50ae</td>
        <td>CVE-2024-32879</td>
-       <td>2024-04-24 20:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 20:15:07</td>
        <td>Python Social Auth is a social authentication/registration mechanism. Prior to version 5.4.1, due to default case-insensitive collation in MySQL or MariaDB databases, third-party authentication user IDs are not case-sensitive and could cause different IDs to match. This issue has been addressed by a fix released in version 5.4.1. An immediate workaround would be to change collation of the affected field.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-32879">详情</a></td>
       </tr>
 
       <tr>
        <td>1aa6f2d5e84aa1a130f3ecd06984ef6f</td>
        <td>CVE-2024-20358</td>
-       <td>2024-04-24 20:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 20:15:07</td>
        <td>A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is available in Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with root-level privileges. Administrator-level privileges are required to exploit this vulnerability. This vulnerability exists because the contents of a backup file are improperly sanitized at restore time. An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system as root.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-20358">详情</a></td>
       </tr>
 
       <tr>
        <td>e298b5890aab77b846a4ee4343b71a30</td>
        <td>CVE-2024-20356</td>
-       <td>2024-04-24 20:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 20:15:07</td>
        <td>A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker with Administrator-level privileges to perform command injection attacks on an affected system and elevate their privileges to root. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending crafted commands to the web-based management interface of the affected software. A successful exploit could allow the attacker to elevate their privileges to root.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-20356">详情</a></td>
       </tr>
 
       <tr>
        <td>ef2542d61fa43716271a236b1da93dc7</td>
        <td>CVE-2024-20295</td>
-       <td>2024-04-24 20:15:07 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 20:15:07</td>
        <td>A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, the attacker must have read-only or higher privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-20295">详情</a></td>
       </tr>
 
       <tr>
        <td>cb2e14c07e543abe95671cb4d31df54d</td>
        <td>CVE-2024-4141</td>
-       <td>2024-04-24 19:15:47 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 19:15:47</td>
        <td>Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid character code in a Type 1 font. The root problem was a bounds check that was being optimized away by modern compilers.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4141">详情</a></td>
       </tr>
 
       <tr>
        <td>c4f42f50cb20a189a9d3a6d63affc7f7</td>
        <td>CVE-2024-4093</td>
-       <td>2024-04-24 01:15:49 <img src="imgs/new.gif" /></td>
+       <td>2024-04-24 01:15:49</td>
        <td>A vulnerability, which was classified as critical, was found in SourceCodester Simple Subscription Website 1.0. Affected is an unknown function of the file view_application.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261822 is the identifier assigned to this vulnerability.</td>
        <td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4093">详情</a></td>
       </tr>
@@ -2092,123 +2092,123 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
       </tr>
 
       <tr>
-       <td>567431a4283ad2e12a5cb7067f11a11d</td>
-       <td>CVE-2023-50933</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>IBM PowerSC HTML注入漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94027">详情</a></td>
+       <td>2b5dba824d7a87e8579c57f05e834f39</td>
+       <td>CVE-2024-0418</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>File Sharing Wizard资源关闭或释放错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94110">详情</a></td>
       </tr>
 
       <tr>
-       <td>67647d5cc7c09321f72d76467021df0d</td>
-       <td>CVE-2023-51506</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress plugin WPCS跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94026">详情</a></td>
+       <td>eb7fe5b6e8575cc8f98def69a51ce205</td>
+       <td>CVE-2024-0417</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSShop路径遍历漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94109">详情</a></td>
       </tr>
 
       <tr>
-       <td>aebf558e9b1c37fa58d780f32a2a7872</td>
-       <td>CVE-2023-6223</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress Plugin LearnPress身份验证绕过漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94025">详情</a></td>
+       <td>d17d1e533419c6f95cf30522d2a4744c</td>
+       <td>CVE-2024-0416</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSMall路径遍历漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94108">详情</a></td>
       </tr>
 
       <tr>
-       <td>f144fc6630219bd878236954bf3f120f</td>
-       <td>CVE-2023-51695</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress plugin Everest Forms跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94024">详情</a></td>
+       <td>fbe35f4479e43ac001f81cb02f972fbb</td>
+       <td>CVE-2024-0415</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSMall访问控制错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94107">详情</a></td>
       </tr>
 
       <tr>
-       <td>d46a0c52521c49bd5d4df38b4340b2d2</td>
-       <td>CVE-2023-47144</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>IBM Tivoli Application Dependency Discovery Manager跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94023">详情</a></td>
+       <td>6ffbbc1bb2ebd11ab7500ae1b4d43677</td>
+       <td>CVE-2024-0414</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSKMS访问控制错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94106">详情</a></td>
       </tr>
 
       <tr>
-       <td>580e58ed6e6bd1cb9e3154a51237daca</td>
-       <td>CVE-2023-6582</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress ElementsKit Elementor addons plugin信息泄露漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94022">详情</a></td>
+       <td>e1e0ad67bd472ca090b33089f1cb7289</td>
+       <td>CVE-2024-0413</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSKMS访问控制错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94105">详情</a></td>
       </tr>
 
       <tr>
-       <td>6c79fb1e6662b1c1ae0f3a02e4ef24f5</td>
-       <td>CVE-2023-47143</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>IBM Tivoli Application Dependency Discovery Manager HTTP标头注入漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94021">详情</a></td>
+       <td>5b096586d2cdaacaa8c647f3edbd3cae</td>
+       <td>CVE-2024-0412</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSShop访问控制错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94104">详情</a></td>
       </tr>
 
       <tr>
-       <td>b7f30643afbdb1d7df0a609ccc2784d8</td>
-       <td>CVE-2023-6875</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress POST SMTP Mailer不合理授权漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94020">详情</a></td>
+       <td>d10fa09ba9a1fa5596225b05009bbcc8</td>
+       <td>CVE-2024-0411</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>DeShang DSMall访问控制错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94103">详情</a></td>
       </tr>
 
       <tr>
-       <td>f8376b05f122a5cbe12439eea01499e8</td>
-       <td>CVE-2023-51509</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress plugin RegistrationMagic跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94019">详情</a></td>
+       <td>df395d07a8048d09db9744b086387267</td>
+       <td>CVE-2024-0429</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>Hex Workshop缓冲区错误漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94102">详情</a></td>
       </tr>
 
       <tr>
-       <td>512981509e4442909ecd75932ce0f3ce</td>
-       <td>CVE-2023-6561</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress Plugin Featured Image from URL跨站脚本执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94018">详情</a></td>
+       <td>09001954c35190ab6d78dda3bb8fe77f</td>
+       <td>CVE-2023-6554</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>Tecnick TCExam缺少授权漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94101">详情</a></td>
       </tr>
 
       <tr>
-       <td>aacd0b4a71126b2e578f5f1a3a78445a</td>
-       <td>CVE-2024-22096</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>Rapid Software Rapid SCADA路径遍历漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94017">详情</a></td>
+       <td>ed0149826cecae9e42a482f1b0a5a2b9</td>
+       <td>CVE-2023-5118</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>Kofax Capture跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94100">详情</a></td>
       </tr>
 
       <tr>
-       <td>321a3076fa689cc83bd15db10929cba7</td>
-       <td>CVE-2023-6782</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress AMP for WP Plugin跨站脚本执行漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94016">详情</a></td>
+       <td>5aac0a4073a0d86556e878eebaaa2ae1</td>
+       <td>CVE-2023-51989</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>D-Link DIR-822+ 关键功能身份验证绕过漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94099">详情</a></td>
       </tr>
 
       <tr>
-       <td>da34fd1cce20f9eb618bace073265b22</td>
-       <td>CVE-2024-1201</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>PanteraSoft HDD Health DLL劫持漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94015">详情</a></td>
+       <td>849a6b866b683b0f5f0619bcaba0931c</td>
+       <td>CVE-2023-51987</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>D-Link DIR-822+ 关键功能身份验证绕过漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94098">详情</a></td>
       </tr>
 
       <tr>
-       <td>aff24424388dbbe3da897958bd9ade53</td>
-       <td>CVE-2024-0963</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>WordPress plugin Calculated Fields Form存储型跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94014">详情</a></td>
+       <td>01f8f41fb723527ea508e14167c4b411</td>
+       <td>CVE-2023-51984</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>D-Link DIR-822+ OS命令注入漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94097">详情</a></td>
       </tr>
 
       <tr>
-       <td>2e86c3c1241581e57ae5041ebe7f1e94</td>
-       <td>CVE-2024-23895</td>
-       <td>2024-04-25 03:22:22 <img src="imgs/new.gif" /></td>
-       <td>Cups Easy跨站脚本漏洞</td>
-       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94013">详情</a></td>
+       <td>df155cea924ade5f90e75daf653316cb</td>
+       <td>CVE-2023-6938</td>
+       <td>2024-04-25 03:23:51 <img src="imgs/new.gif" /></td>
+       <td>WordPress Oxygen Builder plugin跨站脚本漏洞</td>
+       <td><a target="_blank" href="http://www.nsfocus.net/vulndb/94096">详情</a></td>
       </tr>
 
      </tbody>