• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-3825
    CVE-2021-3825
    On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations via an unsecured API. An attacker with an access to the configurations API could get valid LDAP cr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:20 | 回复:0
  • CVE-2021-41647
    CVE-2021-41647
    An un-authenticated error-based and time-based blind SQL injection vulnerability exists in Kaushik Jadhav Online Food Ordering Web App 1.0. An attacker can exploit the vulnerable username parameter in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:18 | 回复:0
  • CVE-2021-40921
    CVE-2021-40921
    Cross-site scripting (XSS) vulnerability in _contactform.inc.php in Detector 0.8.5 and below version allows remote attackers to inject arbitrary web script or HTML via the cid parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:27 | 回复:0
  • CVE-2021-40922
    CVE-2021-40922
    Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the last_name parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:41 | 回复:0
  • CVE-2021-40923
    CVE-2021-40923
    Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the email parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:21 | 回复:0
  • CVE-2021-40924
    CVE-2021-40924
    Cross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the first_name parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:25 | 回复:0
  • CVE-2021-40925
    CVE-2021-40925
    Cross-site scripting (XSS) vulnerability in dompdf/dompdf/www/demo.php infaveo-helpdesk v1.11.0 and below allow remote attackers to inject arbitrary web script or HTML via the $_SERVER parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:20 | 回复:0
  • CVE-2021-40926
    CVE-2021-40926
    Cross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:17 | 回复:0
  • CVE-2021-40927
    CVE-2021-40927
    Cross-site scripting (XSS) vulnerability in callback.php in Spotify-for-Alfred 0.13.9 and below allows remote attackers to inject arbitrary web script or HTML via the error parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:15 | 回复:0
  • CVE-2021-40928
    CVE-2021-40928
    Cross-site scripting (XSS) vulnerability in index.php in FlexTV beta development version allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:14 | 回复:0
  • CVE-2021-40968
    CVE-2021-40968
    Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword2 parameter ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:29 | 回复:0
  • CVE-2021-40969
    CVE-2021-40969
    Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the firstname parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:26 | 回复:0
  • CVE-2021-40970
    CVE-2021-40970
    Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the username parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:31 | 回复:0
  • CVE-2021-40971
    CVE-2021-40971
    Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the newpassword1 parameter ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:24 | 回复:0
  • CVE-2021-40972
    CVE-2021-40972
    Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the mail parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:24 | 回复:0
  • CVE-2021-40973
    CVE-2021-40973
    Cross-site scripting (XSS) vulnerability in templates/installer/step-004.inc.php in spotweb 1.5.1 and below allow remote attackers to inject arbitrary web script or HTML via the lastname parameter.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:21 | 回复:0
  • CVE-2021-40975
    CVE-2021-40975
    Cross-site scripting (XSS) vulnerability in application/modules/admin/views/ecommerce/products.php in Ecommerce-CodeIgniter-Bootstrap (Codeigniter 3.1.11, Bootstrap 3.3.7) allows remote attackers to i ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:13 | 回复:0
  • CVE-2021-41461
    CVE-2021-41461
    Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the mode param ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:18 | 回复:0
  • CVE-2021-41462
    CVE-2021-41462
    Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the ctID param ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:25 | 回复:0
  • CVE-2021-41463
    CVE-2021-41463
    Cross-site scripting (XSS) vulnerability in toos/permissions/dialogs/access/entity/types/group_combination.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web scr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:26 | 回复:0
  • CVE-2021-41464
    CVE-2021-41464
    Cross-site scripting (XSS) vulnerability in concrete/elements/collection_add.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel parame ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:20 | 回复:0
  • CVE-2021-41465
    CVE-2021-41465
    Cross-site scripting (XSS) vulnerability in concrete/elements/collection_theme.php in concrete5-legacy 5.6.4.0 and below allows remote attackers to inject arbitrary web script or HTML via the rel para ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:17 | 回复:0
  • CVE-2021-41467
    CVE-2021-41467
    Cross-site scripting (XSS) vulnerability in application/controllers/dropbox.php in JustWriting 1.0.0 and below allow remote attackers to inject arbitrary web script or HTML via the challenge parameter ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:18 | 回复:0
  • CVE-2021-38097
    CVE-2021-38097
    Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execut ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:6 | 回复:0
  • CVE-2020-21012
    CVE-2020-21012
    Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:19 | 回复:0
  • CVE-2020-21013
    CVE-2020-21013
    emlog v6.0.0 contains a SQL injection via /admin/comment.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:24 | 回复:0
  • CVE-2020-21014
    CVE-2020-21014
    emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:33 | 回复:0
  • CVE-2021-38096
    CVE-2021-38096
    Coreip.dll in Corel PDF Fusion 2.6.2.0 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitra ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:26 | 回复:0
  • CVE-2021-38099
    CVE-2021-38099
    CDRRip.dll in Corel PhotoPaint Standard 2020 22.0.0.474 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability t ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:19 | 回复:0
  • CVE-2021-38103
    CVE-2021-38103
    IBJPG2.FLT in Corel Presentations 2020 20.0.0.200 is affected by an Out-of-bounds Write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 12:07 | 阅读:27 | 回复:0
  • CVE-2021-41104
    CVE-2021-41104
    ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version 2021.9.1 or older is vulnerable to an issue in which `web_server` allows over ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:50 | 回复:0
  • CVE-2021-36363
    CVE-2021-36363
    Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:44 | 回复:0
  • CVE-2021-36364
    CVE-2021-36364
    Nagios XI before 5.8.5 incorrectly allows backup_xi.sh wildcards.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:54 | 回复:0
  • CVE-2021-36365
    CVE-2021-36365
    Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:52 | 回复:0
  • CVE-2021-36366
    CVE-2021-36366
    Nagios XI before 5.8.5 incorrectly allows manage_services.sh wildcards.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:46 | 回复:0
  • CVE-2021-37273
    CVE-2021-37273
    A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) 3.0. Tianyi Gateway is a hardware terminal of Optical Modem Smart Router. Attackers can use this v ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:41 | 回复:0
  • CVE-2021-41318
    CVE-2021-41318
    In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. which could allow an unauthenticated attacker to execute arbitrary code in a vi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:43 | 回复:0
  • CVE-2021-30086
    CVE-2021-30086
    Cross Site Scripting (XSS) vulnerability exists in KindEditor (Chinese versions) 4.1.12, which can be exploited by an attacker to obtain user cookie information.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:35 | 回复:0
  • CVE-2021-37267
    CVE-2021-37267
    Cross Site Scripting (XSS) vulnerability exists in all versions of KindEditor, which can be exploited by an attacker to obtain user cookie information.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:48 | 回复:0
  • CVE-2021-37271
    CVE-2021-37271
    Cross Site Scripting (XSS) vulnerability exists in UEditor v1.4.3.3, which can be exploited by an attacker to obtain user cookie information.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:48 | 阅读:58 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap