CVE Vulnerabilities

  • CVE-2021-24682
    The Cool Tag Cloud WordPress plugin before 2.26 does not escape the style attribute of the cool_tag_cloud shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-S ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 43 | Replies: 0
  • CVE-2021-24685
    The Flat Preloader WordPress plugin before 1.5.4 does not enforce nonce checks when saving its settings, as well as does not sanitise and escape them, which could allow attackers to make a logged in a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 59 | Replies: 0
  • CVE-2021-24715
    The WP Sitemap Page WordPress plugin before 1.7.0 does not properly sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when t ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 98 | Replies: 0
  • CVE-2021-24716
    The Modern Events Calendar Lite WordPress plugin before 5.22.3 does not properly sanitize or escape values set by users with access to adjust settings within wp-admin.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 98 | Replies: 0
  • CVE-2021-24717
    The AutomatorWP WordPress plugin before 1.7.6 does not perform capability checks which allows users with Subscriber roles to enumerate automations, disclose title of private posts or user emails, call ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 71 | Replies: 0
  • CVE-2021-24722
    The Restaurant Menu by MotoPress WordPress plugin before 2.4.2 does not properly sanitize or escape inputs when creating new menu items, which could allow high privilege users to perform Cross-Site Sc ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 52 | Replies: 0
  • CVE-2021-24723
    The WP Reactions Lite WordPress plugin before 1.3.6 does not properly sanitize inputs within wp-admin pages, allowing users with sufficient access to inject XSS payloads within /wp-admin/ pages.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 59 | Replies: 0
  • CVE-2021-24742
    The Logo Slider and Showcase WordPress plugin before 1.3.37 allows Editor users to update the plugin's settings via the rtWLSSettings AJAX action because it uses a nonce for authorisation instead ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 58 | Replies: 0
  • CVE-2021-24757
    The Stylish Price List WordPress plugin before 6.9.0 does not perform capability checks in its spl_upload_ser_img AJAX action (available to both unauthenticated and authenticated users), which could a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 62 | Replies: 0
  • CVE-2021-24770
    The Stylish Price List WordPress plugin before 6.9.1 does not perform capability checks in its spl_upload_ser_img AJAX action (available to authenticated users), which could allow any authenticated us ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 52 | Replies: 0
  • CVE-2021-24773
    The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the unf ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 69 | Replies: 0
  • CVE-2021-24781
    The Image Source Control WordPress plugin before 2.3.1 allows users with a role as low as Contributor to change arbitrary post meta fields of arbitrary posts (even those they should not be able to edi ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 46 | Replies: 0
  • CVE-2021-24789
    The Flat Preloader WordPress plugin before 1.5.5 does not escape some of its settings when outputting them in attribute in the frontend, which could allow high privilege users to perform Cross-Site Sc ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 43 | Replies: 0
  • CVE-2021-24793
    The WPeMatico RSS Feed Fetcher WordPress plugin before 2.6.12 does not escape the Feed URL added to a campaign before outputting it in an attribute, allowing high privilege users to perform Cross-Site ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 38 | Replies: 0
  • CVE-2021-24794
    The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting wh ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 37 | Replies: 0
  • CVE-2021-24799
    The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 45 | Replies: 0
  • CVE-2021-24808
    The BP Better Messages WordPress plugin before 1.9.9.41 sanitises (with sanitize_text_field) but does not escape the 'subject' parameter before outputting it back in an attribute, leading to a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 41 | Replies: 0
  • CVE-2021-24809
    The BP Better Messages WordPress plugin before 1.9.9.41 does not check for CSRF in multiple of its AJAX actions: bp_better_messages_leave_chat, bp_better_messages_join_chat, bp_messages_leave_thread, ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 50 | Replies: 0
  • CVE-2021-24813
    The Events Made Easy WordPress plugin before 2.2.24 does not sanitise and escape Custom Field Names, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 44 | Replies: 0
  • CVE-2021-41973
    In Apache MINA, a specifically crafted, malformed HTTP request may cause the HTTP Header decoder to loop indefinitely. The decoder assumed that the HTTP Header begins at the beginning of the buffer an ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 43 | Replies: 0
  • CVE-2021-27644
    In Apache DolphinScheduler before 1.3.6 versions, authorized users can use SQL injection in the data source center. (Only applicable to MySQL data source with internal login account password)……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 55 | Replies: 0
  • CVE-2021-25874
    AVideo/YouPHPTube 10.0 and prior is affected by a SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases informatio ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 49 | Replies: 0
  • CVE-2021-25875
    AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross-Site Scripting vulnerabilities via the searchPhrase parameter which allows a remote attacker to steal administrators ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 43 | Replies: 0
  • CVE-2021-25876
    AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross-Site Scripting vulnerabilities via the u parameter which allows a remote attacker to steal administrators' session cookies or perfor ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 52 | Replies: 0
  • CVE-2021-25877
    AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 45 | Replies: 0
  • CVE-2021-25878
    AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross-Site Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' sessio ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 62 | Replies: 0
  • CVE-2021-42557
    In Jeedom through 4.1.19, a bug allows a remote attacker to bypass API access and retrieve users credentials.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 47 | Replies: 0
  • CVE-2021-22563
    Invalid JPEG XL images using libjxl can cause an out of bounds access on a std::vector<std::vector<T>> when rendering splines. The OOB read access can either lead to a segfault, or rendering splines based ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 64 | Replies: 0
  • CVE-2021-22564
    For certain valid JPEG XL images with a size slightly larger than an integer number of groups (256x256 pixels) when processing the groups out of order the decoder can perform an out of bounds copy of ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 73 | Replies: 0
  • CVE-2021-27004
    System Manager 9.x versions 9.7 and higher prior to 9.7P16, 9.8P7 and 9.9.1P2 are susceptible to a vulnerability which could allow a local attacker to discover plaintext iSCSI CHAP credentials.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 55 | Replies: 0
  • CVE-2020-28702
    A SQL injection vulnerability in TopicMapper.xml of PybbsCMS v5.2.1 allows attackers to access sensitive database information.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 68 | Replies: 0
  • CVE-2021-27005
    Clustered Data ONTAP versions 9.6 and higher prior to 9.6P16, 9.7P16, 9.8P7 and 9.9.1P3 are susceptible to a vulnerability which could allow a remote attacker to cause a crash of the httpd server.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 58 | Replies: 0
  • CVE-2021-29212
    A remote unauthenticated directory traversal security vulnerability has been identified in HPE iLO Amplifier Pack versions 1.80, 1.81, 1.90 and 1.95. The vulnerability could be remotely exploited to a ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 58 | Replies: 0
  • CVE-2021-29213
    A potential local bypass of security restrictions vulnerability has been identified in HPE ProLiant DL20 Gen10, HPE ProLiant ML30 Gen10, and HPE ProLiant MicroServer Gen10 Plus server's system ROM ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 55 | Replies: 0
  • CVE-2021-3440
    HP Print and Scan Doctor, an application within the HP Smart App for Windows, is potentially vulnerable to local elevation of privilege.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 67 | Replies: 0
  • CVE-2021-3704
    Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 74 | Replies: 0
  • CVE-2021-3705
    Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow an unauthorized user to reconfigure, reset the device.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 90 | Replies: 0
  • CVE-2021-38847
    S-Cart v6.4.1 and below was discovered to contain an arbitrary file upload vulnerability in the Editor module on the Admin panel. This vulnerability allows attackers to execute arbitrary code via a cr ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 57 | Replies: 0
  • CVE-2021-26739
    SQL Injection vulnerability in pay.php in millken doyocms 2.3, allows attackers to execute arbitrary code, via the attribute parameter.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 50 | Replies: 0
  • CVE-2021-26740
    Arbitrary file upload vulnerability sysupload.php in millken doyocms 2.3 allows attackers to execute arbitrary code.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 12:29 | Views: 65 | Replies: 0
