
CVE Vulnerabilities

  • CVE-2021-38336
    The Edit Comments XT WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/edit-comments-xt.php file which allows attackers to inject arbitrary we ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 25 | Replies: 0
  • CVE-2021-38337
    The RSVPMaker Excel WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/phpexcel/PHPExcel/Shared/JAMA/docs/download.php file which allows attack ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 15 | Replies: 0
  • CVE-2021-38338
    The Border Loading Bar WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the `f` and `t` parameter found in the ~/titan-framework/iframe-googlefont-preview.php file which allows att ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 12 | Replies: 0
  • CVE-2021-38339
    The Simple Matted Thumbnails WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/simple-matted-thumbnail.php file which allows attackers to inje ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 18 | Replies: 0
  • CVE-2021-38340
    The Wordpress Simple Shop WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the update_row parameter found in the ~/includes/add_product.php file which allows attackers to inject ar ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 22 | Replies: 0
  • CVE-2021-38341
    The WooCommerce Payment Gateway Per Category WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $_SERVER value in the ~/includes/plugin_settings.php file which allows ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 20 | Replies: 0
  • CVE-2021-38347
    The Custom Website Data WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter found in the ~/views/edit.php file which allows attackers to inject arbitrary web scripts, ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 13 | Replies: 0
  • CVE-2021-38348
    The Advance Search WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the wpas_id parameter found in the ~/inc/admin/views/html-advance-search-admin-options.php file which allows att ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 24 | Replies: 0
  • CVE-2021-38349
    The Integration of Moneybird for WooCommerce WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the error_description parameter found in the ~/templates/wcmb-admin.php file which all ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 16 | Replies: 0
  • CVE-2021-38350
    The spideranalyse WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the date parameter found in the ~/analyse/index.php file which allows attackers to inject arbitrary web scripts, ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 19 | Replies: 0
  • CVE-2021-38351
    The OSD Subscribe WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the osd_subscribe_message parameter found in the ~/options/osd_subscribe_options_subscribers.php file which allow ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 21 | Replies: 0
  • CVE-2021-38352
    The Feedify – Web Push Notifications WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the feedify_msg parameter found in the ~/includes/base.php file which allows attackers to inj ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 28 | Replies: 0
  • CVE-2021-38353
    The Dropdown and scrollable Text WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the content parameter found in the ~/index.php file which allows attackers to inject arbitrary web ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 30 | Replies: 0
  • CVE-2021-38354
    The GNU-Mailman Integration WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the gm_error parameter found in the ~/includes/admin/mailing-lists-page.php file which allows attackers ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 15 | Replies: 0
  • CVE-2021-38355
    The Bug Library WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the successimportcount parameter found in the ~/bug-library.php file which allows attackers to inject arbitrary web ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 24 | Replies: 0
  • CVE-2021-38357
    The SMS OVH WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the position parameter found in the ~/sms-ovh-sent.php file which allows attackers to inject arbitrary web scripts, in ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 23 | Replies: 0
  • CVE-2021-38358
    The MoolaMojo WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the classes parameter found in the ~/views/button-generator.html.php file which allows attackers to inject arbitrary ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 39 | Replies: 0
  • CVE-2021-38359
    The WordPress InviteBox Plugin for viral Refer-a-Friend Promotions WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the message parameter found in the ~/admin/admin.php file which ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 30 | Replies: 0
  • CVE-2021-38360
    The wp-publications WordPress plugin is vulnerable to restrictive local file inclusion via the Q_FILE parameter found in the ~/bibtexbrowser.php file which allows attackers to include local zip files ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 15 | Replies: 0
  • CVE-2021-40373
    playSMS before 1.4.5 allows Arbitrary Code Execution by entering PHP code at the #tabs-information-page of core_main_config, and then executing that code via the index.php?app=maininc=core_welcome URI ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 22 | Replies: 0
  • CVE-2021-37414
    Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get a valid user's APIKEY without authentication.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 8 | Replies: 0
  • CVE-2021-37418
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-31874. Reason: This candidate is a reservation duplicate of CVE-2021-31874. Notes: All CVE users should reference CVE-2021-31874 ins ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 16 | Replies: 0
  • CVE-2021-37423
    Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to linked applications takeover.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 17 | Replies: 0
  • CVE-2021-37422
    Zoho ManageEngine ADSelfService Plus 6111 and prior is vulnerable to SQL Injection while linking the databases.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 19 | Replies: 0
  • CVE-2021-3646
    btcpayserver is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 18 | Replies: 0
  • CVE-2021-3145
    In Ionic Identity Vault before 5, a local root attacker on an Android device can bypass biometric authentication.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 14 | Replies: 0
  • CVE-2021-40347
    An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker (logged into any account) can send a crafted POST request to unsubscribe any user from a mailing list, also ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 39 | Replies: 0
  • CVE-2021-40864
    The Translate plugin 6.1.x through 6.3.x before 6.3.0.72 for ONLYOFFICE Document Server lacks escape calls for the msg.data and text fields.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 34 | Replies: 0
  • CVE-2021-24040
    Due to use of unsafe YAML deserialization logic, an attacker with the ability to modify local YAML configuration files could provide malicious input, resulting in remote code execution or similar risk ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 26 | Replies: 0
  • CVE-2021-39207
    parlai is a framework for training and evaluating AI models on a variety of openly available dialogue datasets. In affected versions the package is vulnerable to YAML deserialization attack caused by ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 17 | Replies: 0
  • CVE-2021-38555
    An XML external entity (XXE) injection vulnerability was discovered in the Any23 StreamUtils.java file and is known to affect Any23 versions 2.5. XML external entity injection (also known as XXE) is ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 75 | Replies: 0
  • CVE-2021-40146
    A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions 2.5. RCE vulnerabilities allow a malicious actor to execute any c ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 13 | Replies: 0
  • CVE-2021-23440
    This affects the package set-value before 2.0.1, =3.0.0 4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 19 | Replies: 0
  • CVE-2021-23435
    This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session. If the value used for return_to contains multiple leading slashes (/ ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 21 | Replies: 0
  • CVE-2021-40866
    Certain NETGEAR smart switches are affected by a remote admin password change by an unauthenticated attacker via the (disabled by default) /sqfs/bin/sccd daemon, which fails to check authentication wh ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 17 | Replies: 0
  • CVE-2021-40867
    Certain NETGEAR smart switches are affected by an authentication hijacking race-condition vulnerability by an unauthenticated attacker who uses the same source IP address as an admin in the process of ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 35 | Replies: 0
  • CVE-2021-40870
    An issue was discovered in Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code ...……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 18 | Replies: 0
  • CVE-2020-27969
    Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and address bar spoofing……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 20 | Replies: 0
  • CVE-2020-27970
    Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 22 | Replies: 0
  • CVE-2021-22524
    Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4……
    Author: 菜鸟教程小白 | Time: 2022-2-5 11:42 | Views: 21 | Replies: 0
