Commit

Updated by Github Bot
Github-Bot committed Sep 21, 2023
1 parent 1e4e764 commit a843820
Showing 3 changed files with 91 additions and 81 deletions.
10 changes: 10 additions & 0 deletions cache/Tenable (Nessus).dat
Expand Up @@ -115,3 +115,13 @@ eabd76036824e6cdf2d145aa26b88993
b00f898b6afb085b52edf91cc7604aac
277a9acff14579c00cfc353e6f0fd6d5
522b82eaffebb2967bf05b47d036d542
5bfb281162000bc06fb8845f130a5aca
d74b5416a0881c73da004fef45c81706
5d80fd7b4c8ab58ae8ef3a165bcbb3eb
d95db5063ae1a2be65850c446dbb1ad9
3e0c248244d5e75272200afcebb2723c
adddf53b2b55256cd2f6f97062acf70f
46e235bd34275c5684ca5c93de0e1788
bb61ade7ebb7473f221ce36d67d277fb
5a01da8e91b3f73de98d354c27bba3ed
769890ec644884ddab6af48c3525d56e
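Review bot: The ten ids appended at the end of this cache are bare 32-character hex strings with nothing recording which CVE each one stands for; the pairing is only recoverable from the first column of the new rows in docs/index.html. Suggest storing the CVE id beside each hash, or documenting how the id is derived, so an entry can be audited or pruned without the rendered page. Note also that this file only gains lines here while the HTML table is trimmed in the same commit, so a retention rule for the cache is worth stating.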
Binary file modified data/cves.db
Binary file not shown.
162 changes: 81 additions & 81 deletions docs/index.html
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2023-09-21 14:27:12 -->
<!-- RELEASE TIME : 2023-09-21 17:25:27 -->
<html lang="zh-cn">

<head>
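Review bot: The RELEASE TIME comment on line 1 carries no timezone, so `2023-09-21 17:25:27` cannot be compared reliably with the feed timestamps shown in the table rows; emit an ISO 8601 value with an explicit offset instead. If the generator rewrites this comment on every run, the file will also show a diff when no rows changed, which can be avoided by updating the time only when the table content differs.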
Expand Down Expand Up @@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>5bfb281162000bc06fb8845f130a5aca</td>
<td>CVE-2023-43135</td>
<td>2023-09-20 22:15:00 <img src="imgs/new.gif" /></td>
<td>There is an unauthorized access vulnerability in TP-LINK ER5120G 4.0 2.0.0 Build 210817 Rel.80868n, which allows attackers to obtain sensitive information of the device without authentication, obtain user tokens, and ultimately log in to the device backend management.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-43135">详情</a></td>
</tr>

<tr>
<td>d74b5416a0881c73da004fef45c81706</td>
<td>CVE-2023-39675</td>
<td>2023-09-20 22:15:00 <img src="imgs/new.gif" /></td>
<td>SimpleImportProduct Prestashop Module v6.2.9 was discovered to contain a SQL injection vulnerability via the key parameter at send.php.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-39675">详情</a></td>
</tr>

<tr>
<td>5d80fd7b4c8ab58ae8ef3a165bcbb3eb</td>
<td>CVE-2023-37279</td>
<td>2023-09-20 22:15:00 <img src="imgs/new.gif" /></td>
<td>Faktory is a language-agnostic persistent background job server. Prior to version 1.8.0, the Faktory web dashboard can suffer from denial of service by a crafted malicious url query param `days`. The vulnerability is related to how the backend reads the `days` URL query parameter in the Faktory web dashboard. The value is used directly without any checks to create a string slice. If a very large value is provided, the backend server ends up using a significant amount of memory and causing it to crash. Version 1.8.0 fixes this issue.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-37279">详情</a></td>
</tr>

<tr>
<td>d95db5063ae1a2be65850c446dbb1ad9</td>
<td>CVE-2023-36234</td>
<td>2023-09-20 22:15:00 <img src="imgs/new.gif" /></td>
<td>Cross Site Scripting (XSS) vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-36234">详情</a></td>
</tr>

<tr>
<td>3e0c248244d5e75272200afcebb2723c</td>
<td>CVE-2023-36109</td>
<td>2023-09-20 22:15:00 <img src="imgs/new.gif" /></td>
<td>Buffer Overflow vulnerability in JerryScript version 3.0, allows remote attackers to execute arbitrary code via ecma_stringbuilder_append_raw component at /jerry-core/ecma/base/ecma-helpers-string.c.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-36109">详情</a></td>
</tr>

<tr>
<td>adddf53b2b55256cd2f6f97062acf70f</td>
<td>CVE-2023-34575</td>
<td>2023-09-20 22:15:00 <img src="imgs/new.gif" /></td>
<td>SQL injection vulnerability in PrestaShop opartsavecart through 2.0.7 allows remote attackers to run arbitrary SQL commands via OpartSaveCartDefaultModuleFrontController::initContent() and OpartSaveCartDefaultModuleFrontController::displayAjaxSendCartByEmail() methods.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-34575">详情</a></td>
</tr>

<tr>
<td>46e235bd34275c5684ca5c93de0e1788</td>
<td>CVE-2023-42322</td>
<td>2023-09-20 21:15:00 <img src="imgs/new.gif" /></td>
<td>Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain sensitive information.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-42322">详情</a></td>
</tr>

<tr>
<td>bb61ade7ebb7473f221ce36d67d277fb</td>
<td>CVE-2023-42321</td>
<td>2023-09-20 21:15:00 <img src="imgs/new.gif" /></td>
<td>Cross Site Request Forgery (CSRF) vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to execute arbitrary code via the user.admincp.php, members.admincp.php, and group.admincp.php files.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-42321">详情</a></td>
</tr>

<tr>
<td>5a01da8e91b3f73de98d354c27bba3ed</td>
<td>CVE-2023-39677</td>
<td>2023-09-20 21:15:00 <img src="imgs/new.gif" /></td>
<td>MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-39677">详情</a></td>
</tr>

<tr>
<td>769890ec644884ddab6af48c3525d56e</td>
<td>CVE-2023-38876</td>
<td>2023-09-20 21:15:00 <img src="imgs/new.gif" /></td>
<td>A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-38876">详情</a></td>
</tr>

<tr>
<td>5ddec74e1ec8fdf4a0c3a243f85acb01</td>
<td>CVE-2023-43377</td>
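Review bot: Every link cell in the ten added rows (for example the CVE-2023-43135 row) uses `target="_blank"` with no `rel` attribute; add `rel="noopener noreferrer"` in the row template so the opened page gets no `window.opener` handle in browsers that do not apply that default. The description cells hold feed-supplied text, several of them describing XSS payload locations, and nothing in the hunk shows whether `<`, `>` and `&` are escaped before being written between the `<td>` tags, so confirm the generator HTML-escapes that field. The `<img src="imgs/new.gif" />` marker also lacks an `alt` attribute.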
Expand Down Expand Up @@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-42446">详情</a></td>
</tr>

<tr>
<td>0ecfbc2303e306322b0fad8ce1484d38</td>
<td>CVE-2023-5030</td>
<td>2023-09-17 22:15:47</td>
<td>A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLAN_ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239872.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5030">详情</a></td>
</tr>

<tr>
<td>65557e54573bb0fe6fd55b20b0cf6590</td>
<td>CVE-2023-5029</td>
<td>2023-09-17 22:15:46</td>
<td>A vulnerability, which was classified as critical, was found in mccms 2.6. This affects an unknown part of the file /category/order/hits/copyright/46/finish/1/list/1. The manipulation with the input '"1 leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239871.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5029">详情</a></td>
</tr>

<tr>
<td>6fa54b05a836af5e43d6d59b01193459</td>
<td>CVE-2023-5027</td>
<td>2023-09-17 17:15:44</td>
<td>A vulnerability classified as critical was found in SourceCodester Simple Membership System 1.0. Affected by this vulnerability is an unknown functionality of the file club_validator.php. The manipulation of the argument club leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239869 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5027">详情</a></td>
</tr>

<tr>
<td>91b7935c2bbd506f8011d3226455faed</td>
<td>CVE-2023-5028</td>
<td>2023-09-17 11:15:07</td>
<td>A vulnerability, which was classified as problematic, has been found in China Unicom TEWA-800G 4.16L.04_CT2015_Yueme. Affected by this issue is some unknown functionality. The manipulation leads to information exposure through debug log file. It is possible to launch the attack on the physical device. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-239870 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5028">详情</a></td>
</tr>

<tr>
<td>7bb623226ec3e2fc8ca56b00d2047011</td>
<td>CVE-2023-5026</td>
<td>2023-09-17 10:15:07</td>
<td>A vulnerability classified as problematic has been found in Tongda OA 11.10. Affected is an unknown function of the file /general/ipanel/menu_code.php?MENU_TYPE=FAV. The manipulation of the argument OA_SUB_WINDOW leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239868.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5026">详情</a></td>
</tr>

<tr>
<td>ae8e5e6a2b1158c355ae0b637eb57dbf</td>
<td>CVE-2023-5025</td>
<td>2023-09-17 07:15:10</td>
<td>A vulnerability was found in KOHA up to 23.05.03. It has been declared as problematic. This vulnerability affects unknown code of the file /cgi-bin/koha/catalogue/search.pl of the component MARC. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239866 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5025">详情</a></td>
</tr>

<tr>
<td>686a2aaadc1c9219d4899269a9ac3562</td>
<td>CVE-2023-5024</td>
<td>2023-09-17 07:15:10</td>
<td>A vulnerability was found in Planno 23.04.04. It has been classified as problematic. This affects an unknown part of the component Comment Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239865 was assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5024">详情</a></td>
</tr>

<tr>
<td>880c45cb900ff32d101c49fb87536634</td>
<td>CVE-2023-5023</td>
<td>2023-09-17 07:15:09</td>
<td>A vulnerability was found in Tongda OA 2017 and classified as critical. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_relatives/delete.php. The manipulation of the argument RELATIVES_ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239864.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5023">详情</a></td>
</tr>

<tr>
<td>19c9f48348443624c320525d30175aaa</td>
<td>CVE-2023-5022</td>
<td>2023-09-17 06:15:07</td>
<td>A vulnerability has been found in DedeCMS up to 5.7.100 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /include/dialog/select_templets_post.php. The manipulation of the argument activepath leads to absolute path traversal. The associated identifier of this vulnerability is VDB-239863.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5022">详情</a></td>
</tr>

<tr>
<td>c239442185948f47094cac55e5ba21d6</td>
<td>CVE-2023-5021</td>
<td>2023-09-17 05:15:10</td>
<td>A vulnerability, which was classified as problematic, was found in SourceCodester AC Repair and Services System 1.0. Affected is an unknown function of the file admin/?page=system_info/contact_information. The manipulation of the argument telephone/mobile/address leads to cross site scripting. It is possible to launch the attack remotely. VDB-239862 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2023-5021">详情</a></td>
</tr>

</tbody>
</table>
</div>
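Review bot: No archive link or window-size note accompanies the ten oldest rows dropped from the end of the table (the 2023-09-17 entries, CVE-2023-5021 through CVE-2023-5030), several of which are described as critical with a publicly disclosed exploit. Because data/cves.db changes only as a binary with no visible diff, a reviewer cannot confirm from this commit that those entries are retained anywhere. Suggest stating the table's row limit on the page and linking to a view of older entries.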

0 comments on commit a843820
