diff --git a/cache/Tenable (Nessus).dat b/cache/Tenable (Nessus).dat index bdd6eb5a9fc..72ce985f359 100644 --- a/cache/Tenable (Nessus).dat +++ b/cache/Tenable (Nessus).dat @@ -178,3 +178,10 @@ c82b18d9bc8fea4e5b74e03025eba424 5a25d55fdeb209bca035cde148093d54 882336e63f8f362ae432dcf34545bb36 260e77e43494cda414d2a798eb317b45 +50540672b151e8a8e88c1166edb9387d +86d4825937e2237169157241c6772941 +9a09c81ab82b1cec3109c6af0b7a32d7 +4229808d86a1d7435f5057430d93d924 +a094cb3142ecd01607c209c6659d1b57 +5cd00041ea50332dd08434a77706f81f +515566b685a2a915c93bfb677f643757 diff --git a/data/cves.db b/data/cves.db index 7af67cde230..e7b7b615953 100644 Binary files a/data/cves.db and b/data/cves.db differ diff --git a/docs/index.html b/docs/index.html index ae22a9ceae2..a70e7651d3d 100644 --- a/docs/index.html +++ b/docs/index.html @@ -1,4 +1,4 @@ - + @@ -283,10 +283,66 @@

眈眈探求 | TITLE URL + + 50540672b151e8a8e88c1166edb9387d + CVE-2024-4020 + 2024-04-20 23:15:48 + A vulnerability was found in Tenda FH1206 1.2.0.8(8155) and classified as critical. This issue affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument entrys leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-261671. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + 详情 + + + + 86d4825937e2237169157241c6772941 + CVE-2024-4019 + 2024-04-20 14:15:47 + A vulnerability classified as critical has been found in Byzoro Smart S80 Management Platform up to 20240411. Affected is an unknown function of the file /importhtml.php. The manipulation of the argument sql leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-261666 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. + 详情 + + + + 9a09c81ab82b1cec3109c6af0b7a32d7 + CVE-2024-4014 + 2024-04-20 10:15:56 + The hCaptcha for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf7-hcaptcha shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + 4229808d86a1d7435f5057430d93d924 + CVE-2024-1730 + 2024-04-20 04:15:08 + The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via urls in link fields, images from URLs, and html tags used in widgets in all versions up to, and including, 3.14.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + a094cb3142ecd01607c209c6659d1b57 + CVE-2024-1057 + 2024-04-20 02:15:06 + The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wishsuite_button' shortcode in all versions up to, and including, 2.8.1 due to insufficient input sanitization and output escaping on user supplied attributes like 'button_class'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. + 详情 + + + + 5cd00041ea50332dd08434a77706f81f + CVE-2024-31994 + 2024-04-19 22:15:07 + Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, an attacker can point the image request to an arbitrarily large file. Mealie will attempt to retrieve this file in whole. If it can be retrieved, it may be stored on the file system in whole (leading to possible disk consumption), however the more likely scenario given resource limitations is that the container will OOM during file retrieval if the target file size is greater than the allocated memory of the container. At best this can be used to force the container to infinitely restart due to OOM (if so configured in `docker-compose.yml), or at worst this can be used to force the Mealie container to crash and remain offline. In the event that the file can be retrieved, the lack of rate limiting on this endpoint also permits an attacker to generate ongoing requests to any target of their choice, potentially contributing to an external-facing DoS attack. This vulnerability is fixed in 1.4.0. + 详情 + + + + 515566b685a2a915c93bfb677f643757 + CVE-2024-1480 + 2024-04-19 22:15:07 + Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without authentication. + 详情 + + 111a15bc5df498aad0eb00e4e340f9b2 CVE-2024-4018 - 2024-04-19 21:15:08 + 2024-04-19 21:15:08 Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before 4.0.3. 详情 @@ -294,7 +350,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3. 详情 @@ -302,7 +358,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Cross Site Scripting vulnerability in CmSimple v.5.15 allows a remote attacker to execute arbitrary code via the functions.php component. 详情 @@ -310,7 +366,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload. 详情 @@ -318,7 +374,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the scrape_image function will retrieve an image based on a user-provided URL, however the provided URL is not validated to point to an external location and does not have any enforced rate limiting. The response from the Mealie server will also vary depending on whether or not the target file is an image, is not an image, or does not exist. Additionally, when a file is retrieved the file may remain stored on Mealie’s file system as original.jpg under the UUID of the recipe it was requested for. If the attacker has access to an admin account (e.g. the default changeme@example.com), this file can then be retrieved. Note that if Mealie is running in a development setting this could be leveraged by an attacker to retrieve any file that the Mealie server had downloaded in this fashion without the need for administrator access. This vulnerability is fixed in 1.4.0. 详情 @@ -326,7 +382,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safe_scrape_html function utilizes a user-controlled URL to issue a request to a remote server, however these requests are not rate-limited. While there are efforts to prevent DDoS by implementing a timeout on requests, it is possible for an attacker to issue a large number of requests to the server which will be handled in batches based on the configuration of the Mealie server. The chunking of responses is helpful for mitigating memory exhaustion on the Mealie server, however a single request to an arbitrarily large external file (e.g. a Debian ISO) is often sufficient to completely saturate a CPU core assigned to the Mealie container. Without rate limiting in place, it is possible to not only sustain traffic against an external target indefinitely, but also to exhaust the CPU resources assigned to the Mealie container. This vulnerability is fixed in 1.4.0. 详情 @@ -334,7 +390,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safe_scrape_html function utilizes a user-controlled URL to issue a request to a remote server. Based on the content of the response, it will either parse the content or disregard it. This function, nor those that call it, add any restrictions on the URL that can be provided, nor is it restricted to being an FQDN (i.e., an IP address can be provided). As this function’s return will be handled differently by its caller depending on the response, it is possible for an attacker to use this functionality to positively identify HTTP(s) servers on the local network with any IP/port combination. This issue can result in any authenticated user being able to map HTTP servers on a local network that the Mealie service has access to. Note that by default any user can create an account on a Mealie server, and that the default changeme@example.com user is available with its hard-coded password. This vulnerability is fixed in 1.4.0. 详情 @@ -342,7 +398,7 @@

眈眈探求 | + 2024-04-19 21:15:08 Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp. 详情 @@ -350,7 +406,7 @@

眈眈探求 | + 2024-04-19 21:15:08 SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter. 详情 @@ -358,7 +414,7 @@

眈眈探求 | + 2024-04-19 21:15:07 Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function. 详情 @@ -467,62 +523,6 @@

眈眈探求 | 详情 - - 33ee840a7c71075bff826d32f9a99ba0 - CVE-2024-32746 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module. - 详情 - - - - 9c2697ad5a7fd0782c71dfe0d56ce73a - CVE-2024-32745 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module. - 详情 - - - - 445652c9c2e91ba2f1664f143429d360 - CVE-2024-32744 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module. - 详情 - - - - f4cc0044540fce53c7336d1c9b00c356 - CVE-2024-32743 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module. - 详情 - - - - 5274d52d13fcede8ae6057e8bead053d - CVE-2024-32345 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section. - 详情 - - - - ecc5f6e0e102a7d21c24146a10fe7b48 - CVE-2024-32344 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section. - 详情 - - - - 227bc41f94f6797a43efa8149c4b53ec - CVE-2024-32343 - 2024-04-17 21:15:09 - A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter. - 详情 - - @@ -1974,7 +1974,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Booking for Appointments and Events Calendar存储型跨站脚本漏洞(CVE-2023- 详情 @@ -1982,7 +1982,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Photo Gallery by 10Web路径遍历漏洞 详情 @@ -1990,7 +1990,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Views for WP Forms跨站请求伪造漏洞 详情 @@ -1998,7 +1998,7 @@

眈眈探求 | + 2024-04-19 07:20:40 Tenda AC9缓冲区溢出漏洞 详情 @@ -2006,7 +2006,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Advanced Custom Fields存储型跨站脚本漏洞 详情 @@ -2014,7 +2014,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress Plugin for Google Reviews存储型跨站脚本漏洞 详情 @@ -2022,7 +2022,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Author Box, Guest Author and Co-Authors for Your Posts信息泄露漏洞(CV 详情 @@ -2030,7 +2030,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Unlimited Addons for WPBakery Page Builder任意文件上传漏洞(CVE-2023-692 详情 @@ -2038,7 +2038,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress Plugin GeneratePress Premium跨站脚本漏洞 详情 @@ -2046,7 +2046,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Display custom fields in the frontend存储型跨站脚本漏洞 详情 @@ -2054,7 +2054,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin EditorsKit任意文件上传漏洞 详情 @@ -2062,7 +2062,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin WOLF跨站请求伪造漏洞 详情 @@ -2070,7 +2070,7 @@

眈眈探求 | + 2024-04-19 07:20:40 Apache Sling Servlets Resolver路径遍历漏洞 详情 @@ -2078,7 +2078,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Content Views存储型跨站脚本漏洞 详情 @@ -2086,7 +2086,7 @@

眈眈探求 | + 2024-04-19 07:20:40 WordPress plugin Essential Addons for Elementor存储型跨站脚本漏洞 详情