• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

CVE漏洞

RSS
  • CVE-2021-39203
    CVE-2021-39203
    WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. In affected versions authenticated users who don't have permission to view ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2021-39204
    CVE-2021-39204
    Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilizat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:27 | 回复:0
  • CVE-2020-19280
    CVE-2020-19280
    Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:32 | 回复:0
  • CVE-2020-19281
    CVE-2020-19281
    A stored cross-site scripting (XSS) vulnerability in the /manage/loginusername component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the username ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:41 | 回复:0
  • CVE-2020-19282
    CVE-2020-19282
    A reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2020-19283
    CVE-2020-19283
    A reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:13 | 回复:0
  • CVE-2020-19284
    CVE-2020-19284
    A stored cross-site scripting (XSS) vulnerability in the /group/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the group comments ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2020-19285
    CVE-2020-19285
    A stored cross-site scripting (XSS) vulnerability in the /group/apply component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Name text field.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:8 | 回复:0
  • CVE-2020-19286
    CVE-2020-19286
    A stored cross-site scripting (XSS) vulnerability in the /question/detail component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the source field ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:7 | 回复:0
  • CVE-2020-19287
    CVE-2020-19287
    A stored cross-site scripting (XSS) vulnerability in the /group/post component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the title.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:14 | 回复:0
  • CVE-2020-19288
    CVE-2020-19288
    A stored cross-site scripting (XSS) vulnerability in the /localhost/u component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a private message.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:17 | 回复:0
  • CVE-2020-19289
    CVE-2020-19289
    A stored cross-site scripting (XSS) vulnerability in the /member/picture/album component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the new albu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:15 | 回复:0
  • CVE-2020-19290
    CVE-2020-19290
    A stored cross-site scripting (XSS) vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment s ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2020-19291
    CVE-2020-19291
    A stored cross-site scripting (XSS) vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:13 | 回复:0
  • CVE-2020-19292
    CVE-2020-19292
    A stored cross-site scripting (XSS) vulnerability in the /question/ask component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted question.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2020-19293
    CVE-2020-19293
    A stored cross-site scripting (XSS) vulnerability in the /article/add component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted article.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:14 | 回复:0
  • CVE-2020-19294
    CVE-2020-19294
    A stored cross-site scripting (XSS) vulnerability in the /article/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the article comme ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:11 | 回复:0
  • CVE-2020-19295
    CVE-2020-19295
    A reflected cross-site scripting (XSS) vulnerability in the /weibo/topic component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2021-39206
    CVE-2021-39206
    Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:21 | 回复:0
  • CVE-2021-40839
    CVE-2021-40839
    The rencode package through 1.0.6 for Python allows an infinite loop in typecode decoding (such as via ;\x2f\x7f), enabling a remote attack that consumes CPU and memory.……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:5 | 回复:0
  • CVE-2018-19957
    CVE-2018-19957
    A vulnerability involving insufficient HTTP security headers has been reported to affect QNAP NAS running QTS, QuTS hero, and QuTScloud. This vulnerability allows remote attackers to launch privacy an ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:21 | 回复:0
  • CVE-2021-28813
    CVE-2021-28813
    A vulnerability involving insecure storage of sensitive information has been reported to affect QSW-M2116P-2T2S and QNAP switches running QuNetSwitch. If exploited, this vulnerability allows remote at ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:6 | 回复:0
  • CVE-2021-28816
    CVE-2021-28816
    A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have al ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:5 | 回复:0
  • CVE-2021-34343
    CVE-2021-34343
    A stack buffer overflow vulnerability has been reported to affect QNAP device running QTS, QuTScloud, QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary code. We have al ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:9 | 回复:0
  • CVE-2021-34344
    CVE-2021-34344
    A stack buffer overflow vulnerability has been reported to affect QNAP device running QUSBCam2. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:8 | 回复:0
  • CVE-2021-34345
    CVE-2021-34345
    A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have alread ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:12 | 回复:0
  • CVE-2021-34346
    CVE-2021-34346
    A stack buffer overflow vulnerability has been reported to affect QNAP device running NVR Storage Expansion. If exploited, this vulnerability allows attackers to execute arbitrary code. We have alread ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:10 | 回复:0
  • CVE-2021-3645
    CVE-2021-3645
    merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:30 | 回复:0
  • CVE-2021-33011
    CVE-2021-33011
    All versions of the afffected TOYOPUC-PC10 Series,TOYOPUC-Plus Series,TOYOPUC-PC3J/PC2J Series, TOYOPUC-Nano Series products may not be able to properly process an ICMP flood, which may allow an attac ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2021-35976
    CVE-2021-35976
    The feature to preview a website in Plesk Obsidian 18.0.0 through 18.0.32 on Linux is vulnerable to reflected XSS via the /plesk-site-preview/ PATH, aka PFSI-62467. The attacker could execute JavaScri ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:22 | 回复:0
  • CVE-2021-38326
    CVE-2021-38326
    The Post Title Counter WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the notice parameter found in the ~/post-title-counter.php file which allows attackers to inject arbitrary w ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:20 | 回复:0
  • CVE-2021-38327
    CVE-2021-38327
    The YouTube Video Inserter WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/adminUI/settings.php file which allows attackers to inject arbitr ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:23 | 回复:0
  • CVE-2021-38328
    CVE-2021-38328
    The Notices WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/notices.php file which allows attackers to inject arbitrary web scripts, in vers ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:13 | 回复:0
  • CVE-2021-38329
    CVE-2021-38329
    The DJ EmailPublish WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/dj-email-publish.php file which allows attackers to inject arbitrary web ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:14 | 回复:0
  • CVE-2021-38330
    CVE-2021-38330
    The Yet Another bol.com Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/yabp.php file which allows attackers to inject arbitrary web ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2021-38331
    CVE-2021-38331
    The WP-T-Wap WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the posted parameter found in the ~/wap/writer.php file which allows attackers to inject arbitrary web scripts, in ver ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:16 | 回复:0
  • CVE-2021-38332
    CVE-2021-38332
    The On Page SEO + Whatsapp Chat Button Plugin WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/settings.php file which allows attackers to in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:9 | 回复:0
  • CVE-2021-38333
    CVE-2021-38333
    The WP Scrippets WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/wp-scrippets.php file which allows attackers to inject arbitrary web script ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:33 | 回复:0
  • CVE-2021-38334
    CVE-2021-38334
    The WP Design Maps Places WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the filename parameter found in the ~/wpdmp-admin.php file which allows attackers to inject arbitrary we ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:19 | 回复:0
  • CVE-2021-38335
    CVE-2021-38335
    The Wise Agent Capture Forms WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/WiseAgentCaptureForm.php file which allows attackers to inject ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 11:42 | 阅读:22 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap