Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Mar 21, 2024
1 parent e583314 commit 9394ec0
Show file tree
Hide file tree
Showing 3 changed files with 146 additions and 131 deletions.
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,3 +104,18 @@ f1488d3145128c518d163a6eae1908bf
98e5c5192719dbe6fb3fd8a606732af2
34aead0457d88fd33fb4ecc3c5c81150
a6df55963881c415e0de115554e2a147
4caf72939219beecaefafc91ff79bc79
c183850852315c512046bfa23a9b7002
e4e247b96df34336e7f9d19f1df0cec7
5f513754175ef4e3d5c691356e9f5e05
2e7a2eccd1409a182b6e4017d8f6d600
6e749efa47ae8af4335ef488d7518f1d
f26251067afccc5d86f07e5989dd1392
3336f2a6a9fd2bc8cec199ce7c9c6d4d
287a72fafda23ffab3029392f75209c6
77371a608acde45ada53532c877bbf9e
5514a066511bf8e9ea62468e0f3b8e33
40c8b4110446728842fb8f981f3cf853
3c9eced695f9fb607698ddbaf8311f91
1a33b07ff86dcbd9aa94986081035eb3
6b097b0b2cb2cfd3e6959f7351c04d90
Binary file modified data/cves.db
View file
Binary file not shown.
262 changes: 131 additions & 131 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-03-20 23:24:02 -->
<!-- RELEASE TIME : 2024-03-21 03:24:35 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -366,79 +366,79 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>adeb0e0c00576ea167cf0aef811fae9e</td>
<td>CVE-2024-29027</td>
<td>2024-03-19 19:15:06 <img src="imgs/new.gif" /></td>
<td>2024-03-19 19:15:06</td>
<td>Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 6.5.5 and 7.0.0-alpha.29, calling an invalid Parse Server Cloud Function name or Cloud Job name crashes the server and may allow for code injection, internal store manipulation or remote code execution. The patch in versions 6.5.5 and 7.0.0-alpha.29 added string sanitation for Cloud Function name and Cloud Job name. As a workaround, sanitize the Cloud Function name and Cloud Job name before it reaches Parse Server.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29027">详情</a></td>
</tr>

<tr>
<td>a746525e89bccb7f57cadbaa391f79c4</td>
<td>CVE-2024-28303</td>
<td>2024-03-19 19:15:06 <img src="imgs/new.gif" /></td>
<td>2024-03-19 19:15:06</td>
<td>Open Source Medicine Ordering System v1.0 was discovered to contain a SQL injection vulnerability via the date parameter at /admin/reports/index.php.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28303">详情</a></td>
</tr>

<tr>
<td>79fca2c6630cdf911e14019478d8b4f2</td>
<td>CVE-2024-29094</td>
<td>2024-03-19 17:15:12 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:12</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) allows Stored XSS.This issue affects HT Easy GA4 ( Google Analytics 4 ): from n/a through 1.1.7.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29094">详情</a></td>
</tr>

<tr>
<td>beca12c5a9388bb6286949713d477a68</td>
<td>CVE-2024-2545</td>
<td>2024-03-19 17:15:12 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:12</td>
<td>Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-1730. Reason: This candidate is a duplicate of CVE-2024-1730. Notes: All CVE users should reference CVE-2024-1730 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2545">详情</a></td>
</tr>

<tr>
<td>815f1b2e9d29598fb2e6d23d915b56aa</td>
<td>CVE-2024-2442</td>
<td>2024-03-19 17:15:12 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:12</td>
<td>Franklin Fueling System EVO 550 and EVO 5000 are vulnerable to a Path Traversal vulnerability that could allow an attacker to access sensitive files on the system.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2442">详情</a></td>
</tr>

<tr>
<td>464760fb94218f2fe851d4cb7c20ae82</td>
<td>CVE-2024-2307</td>
<td>2024-03-19 17:15:12 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:12</td>
<td>A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-2307">详情</a></td>
</tr>

<tr>
<td>349a5938c7d72779a73b4d0566806fcc</td>
<td>CVE-2024-29093</td>
<td>2024-03-19 17:15:11 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:11</td>
<td>Cross-Site Request Forgery (CSRF) vulnerability in Tobias Conrad Builder for WooCommerce reviews shortcodes – ReviewShort.This issue affects Builder for WooCommerce reviews shortcodes – ReviewShort: from n/a through 1.01.3.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29093">详情</a></td>
</tr>

<tr>
<td>53a28dda0f35a24ae3cc51bc6b0a28fc</td>
<td>CVE-2024-29092</td>
<td>2024-03-19 17:15:11 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:11</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager Lite allows Reflected XSS.This issue affects Permalink Manager Lite: from n/a through 2.4.3.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29092">详情</a></td>
</tr>

<tr>
<td>a918ce8713690f1f3d00f005aeee251e</td>
<td>CVE-2024-29091</td>
<td>2024-03-19 17:15:11 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:11</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dnesscarkey WP Armour – Honeypot Anti Spam allows Reflected XSS.This issue affects WP Armour – Honeypot Anti Spam: from n/a through 2.1.13.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29091">详情</a></td>
</tr>

<tr>
<td>fdd01d7f9b5a5415d5db81a87fdc7409</td>
<td>CVE-2024-29089</td>
<td>2024-03-19 17:15:10 <img src="imgs/new.gif" /></td>
<td>2024-03-19 17:15:10</td>
<td>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Menu allows Stored XSS.This issue affects Five Star Restaurant Menu: from n/a through 2.4.14.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-29089">详情</a></td>
</tr>
Expand Down Expand Up @@ -1971,6 +1971,126 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>4caf72939219beecaefafc91ff79bc79</td>
<td>CVE-2023-41288</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems Video Station操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91975">详情</a></td>
</tr>

<tr>
<td>c183850852315c512046bfa23a9b7002</td>
<td>CVE-2023-41289</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QcalAgent操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91974">详情</a></td>
</tr>

<tr>
<td>e4e247b96df34336e7f9d19f1df0cec7</td>
<td>CVE-2024-1411</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>WordPress Plugin PowerPack Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91973">详情</a></td>
</tr>

<tr>
<td>5f513754175ef4e3d5c691356e9f5e05</td>
<td>CVE-2024-1425</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>WordPress Plugin EmbedPress存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91972">详情</a></td>
</tr>

<tr>
<td>2e7a2eccd1409a182b6e4017d8f6d600</td>
<td>CVE-2023-47560</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QuMagie操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91971">详情</a></td>
</tr>

<tr>
<td>6e749efa47ae8af4335ef488d7518f1d</td>
<td>CVE-2024-1445</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>WordPress Plugin Page scroll to id存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91970">详情</a></td>
</tr>

<tr>
<td>f26251067afccc5d86f07e5989dd1392</td>
<td>CVE-2024-21641</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>Flarum输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91969">详情</a></td>
</tr>

<tr>
<td>3336f2a6a9fd2bc8cec199ce7c9c6d4d</td>
<td>CVE-2024-1586</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>WordPress The Schema &amp; Structured Data for WP &amp; AMP跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91968">详情</a></td>
</tr>

<tr>
<td>287a72fafda23ffab3029392f75209c6</td>
<td>CVE-2024-0247</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>CodeAstro Online Food Ordering System SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91967">详情</a></td>
</tr>

<tr>
<td>77371a608acde45ada53532c877bbf9e</td>
<td>CVE-2023-39296</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QTS QNAP Systems QuTS hero原型污染漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91966">详情</a></td>
</tr>

<tr>
<td>5514a066511bf8e9ea62468e0f3b8e33</td>
<td>CVE-2023-47559</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QuMagie跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91965">详情</a></td>
</tr>

<tr>
<td>40c8b4110446728842fb8f981f3cf853</td>
<td>CVE-2024-1928</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>SourceCodester Web-Based Student Clearance System SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91964">详情</a></td>
</tr>

<tr>
<td>3c9eced695f9fb607698ddbaf8311f91</td>
<td>CVE-2023-47219</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QuMagie SQL注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91963">详情</a></td>
</tr>

<tr>
<td>1a33b07ff86dcbd9aa94986081035eb3</td>
<td>CVE-2023-45041</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>QNAP Systems QTS QNAP Systems QuTS hero缓冲区溢出漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91962">详情</a></td>
</tr>

<tr>
<td>6b097b0b2cb2cfd3e6959f7351c04d90</td>
<td>CVE-2024-1339</td>
<td>2024-03-21 03:22:26 <img src="imgs/new.gif" /></td>
<td>WordPress Plugin ImageRecycle pdf &amp; image compression跨站请求伪造漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91961">详情</a></td>
</tr>

<tr>
<td>98ba5df5ac53ce7c59dfd7bb28b38278</td>
<td>CVE-2023-5413</td>
Expand Down Expand Up @@ -2091,126 +2211,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91919">详情</a></td>
</tr>

<tr>
<td>5ce69dd3174e5a3a0e0342e212fdaa77</td>
<td>CVE-2023-46131</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Grails不受控制的资源消耗漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91851">详情</a></td>
</tr>

<tr>
<td>3530fc9a09e620e6b33160d96d8a5ed1</td>
<td>CVE-2023-49032</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>LDAP Tool Box Self Service Password任意代码执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91850">详情</a></td>
</tr>

<tr>
<td>72abbc2cf8f1db408564add1cf9285d3</td>
<td>CVE-2023-51390</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>journalpump访问控制错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91849">详情</a></td>
</tr>

<tr>
<td>8810fc95262bf5466b41d8c8691e7dd7</td>
<td>CVE-2023-6768</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Amazing Little Poll身份认证绕过漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91848">详情</a></td>
</tr>

<tr>
<td>790a3a2a2ab45f308085fec908f6c0ce</td>
<td>CVE-2023-6976</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Mlflow任意文件写入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91847">详情</a></td>
</tr>

<tr>
<td>6666bf24cbf3001ec2541eab50ae6013</td>
<td>CVE-2023-0011</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>u-blox TOBY-L2操作系统命令注入漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91846">详情</a></td>
</tr>

<tr>
<td>f7ca54586218980a3ab360a06eb12ad2</td>
<td>CVE-2023-50628</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>libming缓冲区溢出漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91845">详情</a></td>
</tr>

<tr>
<td>a160ce114474a674a22e5ed9317fdd70</td>
<td>CVE-2023-37544</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Apache Pulsar身份认证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91844">详情</a></td>
</tr>

<tr>
<td>3b821c795726573468aad8e83efc689d</td>
<td>CVE-2023-6769</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Amazing Little Poll跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91843">详情</a></td>
</tr>

<tr>
<td>cecff1a9d753fd63aa80ef06de85011e</td>
<td>CVE-2023-27172</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Xpand IT Write-back Manager身份认证次数限制错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91842">详情</a></td>
</tr>

<tr>
<td>acc29703b4c7f516901155fef6708603</td>
<td>CVE-2023-6974</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Mlflow服务器端请求伪造漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91841">详情</a></td>
</tr>

<tr>
<td>046f810ee7d34f8783c666d83a7670d9</td>
<td>CVE-2023-6975</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>Mlflow路径遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91840">详情</a></td>
</tr>

<tr>
<td>095639ced36d0366b4b3c1d54e63db12</td>
<td>CVE-2023-47704</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>IBM Security Guardium Key Lifecycle Manager硬编码凭据使用漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91839">详情</a></td>
</tr>

<tr>
<td>34df67c7ff4cfffe4ab5d71235b73396</td>
<td>CVE-2023-47702</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>IBM Security Guardium Key Lifecycle Manager路径遍历漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91838">详情</a></td>
</tr>

<tr>
<td>6bd7854606a3229da2a17f094882d108</td>
<td>CVE-2023-47705</td>
<td>2024-03-19 07:20:08 <img src="imgs/new.gif" /></td>
<td>IBM Security Guardium Key Lifecycle Manager输入验证错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/91837">详情</a></td>
</tr>

</tbody>
</table>
</div>
Expand Down

0 comments on commit 9394ec0

Please sign in to comment.