Updated by Github Bot

cache/NVD.dat

@@ -189,3 +189,7 @@ d5ebff1d4f5f1684360faa6e26400405
 00d20ad4a7b7ad9544ec52ce080de8ea
 dceae23583f9a04fc530ed224b49b378
 75ccf0fb8a90c9dd94c8784a4f5b5d8b
+1d49a765844dd4af56f01d5405420162
+d5f9b68a051c497fca8417eb1e6f4095
+473febfe8ab9bae26b7462a218a4533f
+c067401155eebe16566d819dbbc0fdd9

docs/index.html

@@ -1,4 +1,4 @@
-<!-- RELEASE TIME : 2023-09-20 14:27:54 -->
+<!-- RELEASE TIME : 2023-09-20 16:30:03 -->
 <html lang="zh-cn">
 
  <head>
@@ -2227,6 +2227,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <th width="43%">TITLE</th>
        <th width="5%">URL</th>
       </tr>
+      <tr>
+       <td>1d49a765844dd4af56f01d5405420162</td>
+       <td>CVE-2023-5063</td>
+       <td>2023-09-20 03:15:14  <img src="imgs/new.gif" /></td>
+       <td>The Widget Responsive for Youtube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube' shortcode in versions up to, and including, 1.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5063">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>d5f9b68a051c497fca8417eb1e6f4095</td>
+       <td>CVE-2023-5062</td>
+       <td>2023-09-20 03:15:14  <img src="imgs/new.gif" /></td>
+       <td>The WordPress Charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wp_charts' shortcode in versions up to, and including, 0.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5062">详情</a></td>
+      </tr>
+
       <tr>
        <td>6a35eb0ecc6baafa493f36c4ed2d4d16</td>
        <td>CVE-2023-5060</td>
@@ -2275,6 +2291,22 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5031">详情</a></td>
       </tr>
 
+      <tr>
+       <td>473febfe8ab9bae26b7462a218a4533f</td>
+       <td>CVE-2023-5030</td>
+       <td>2023-09-17 22:15:47 </td>
+       <td>A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLAN_ID leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239872.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5030">详情</a></td>
+      </tr>
+
+      <tr>
+       <td>c067401155eebe16566d819dbbc0fdd9</td>
+       <td>CVE-2023-5029</td>
+       <td>2023-09-17 22:15:46 </td>
+       <td>A vulnerability, which was classified as critical, was found in mccms 2.6. This affects an unknown part of the file /category/order/hits/copyright/46/finish/1/list/1. The manipulation with the input '&quot;1 leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239871.</td>
+       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-5029">详情</a></td>
+      </tr>
+
       <tr>
        <td>d5ebff1d4f5f1684360faa6e26400405</td>
        <td>CVE-2023-5018</td>
@@ -2435,38 +2467,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
        <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-20233">详情</a></td>
       </tr>
 
-      <tr>
-       <td>ce77a0da1fa468cc51413ee49751ea74</td>
-       <td>CVE-2023-3280</td>
-       <td>2023-09-13 17:15:09 </td>
-       <td>A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3280">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>8722c1b5d809a05f967dc5e5638d23ad</td>
-       <td>CVE-2023-36642</td>
-       <td>2023-09-13 13:15:09 </td>
-       <td>An improper neutralization of special elements used in an OS command vulnerability [CWE-78]&Acirc;&nbsp;in the management interface of FortiTester 3.0.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36642">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>a72a10e0ef716a6ed2a3961dbfd14540</td>
-       <td>CVE-2023-36638</td>
-       <td>2023-09-13 13:15:09 </td>
-       <td>An improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions and FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions API may allow a remote and authenticated API admin user to access some system settings such as the mail server settings through the API via a stolen GUI session ID.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-36638">详情</a></td>
-      </tr>
-
-      <tr>
-       <td>c63ed8a05c1ab72186ab0d8302f1b543</td>
-       <td>CVE-2023-29183</td>
-       <td>2023-09-13 13:15:08 </td>
-       <td>An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.</td>
-       <td><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-29183">详情</a></td>
-      </tr>
-
      </tbody>
     </table>
    </div>