
Vulnerabilities


  • CVE-2022-1564
    The Form Maker by 10Web WordPress plugin before 1.14.12 does not sanitize and escape the Custom Text settings, which could allow high privilege user such as admin to perform Cross-Site Scripting attac ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 138 | Replies: 0
  • CVE-2022-1562
    The Enable SVG WordPress plugin before 1.4.0 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 134 | Replies: 0
  • CVE-2022-1556
    The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Inje ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 182 | Replies: 0
  • CVE-2022-1542
    The HPB Dashboard WordPress plugin through 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even wh ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 133 | Replies: 0
  • CVE-2022-1528
    The VikBooking Hotel Booking Engine PMS WordPress plugin before 1.5.9 does not escape the current URL before putting it back in a JavaScript context, leading to a Reflected Cross-Site Scripting……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 126 | Replies: 0
  • CVE-2022-1527
    The WP 2FA WordPress plugin before 2.2.1 does not sanitise and escape a parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 162 | Replies: 0
  • CVE-2022-1456
    The Poll Maker WordPress plugin before 4.0.2 does not sanitise and escape some settings, which could allow high privilege users such as admin to perform Store Cross-Site Scripting attack even when unf ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 160 | Replies: 0
  • CVE-2022-1395
    The Easy FAQ with Expanding Text WordPress plugin through 3.2.8.3.1 does not sanitise and escape its settings, allowing high privilege users to perform Cross-Site Scripting attacks when unfiltered_htm ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 132 | Replies: 0
  • CVE-2022-1387
    The No Future Posts WordPress plugin through 1.4 does not escape its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks when unfiltered_html is disa ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 149 | Replies: 0
  • CVE-2022-1299
    The Slideshow WordPress plugin through 2.3.1 does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 128 | Replies: 0
  • CVE-2022-1294
    The IMDB info box WordPress plugin through 2.0 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfilter ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 137 | Replies: 0
  • CVE-2022-1275
    The BannerMan WordPress plugin through 0.2.4 does not sanitize or escape its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks when the unfiltered_html is disal ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 155 | Replies: 0
  • CVE-2022-1203
    The Content Mask WordPress plugin before 1.8.4.1 does not have authorisation and CSRF checks in various AJAX actions, as well as does not validate the option to be updated to ensure it belongs to the ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 132 | Replies: 0
  • CVE-2022-1009
    The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 129 | Replies: 0
  • CVE-2022-0642
    The JivoChat Live Chat WordPress plugin before 1.3.5.4 does not properly check CSRF tokens on POST requests to the plugins admin page, and does not sanitise some parameters, leading to a stored Cross- ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 158 | Replies: 0
  • CVE-2022-0376
    The User Meta WordPress plugin before 2.4.3 does not sanitise and escape the Form Name, as well as Shared Field Labels before outputting them in the admin dashboard when editing a form, which could al ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 176 | Replies: 0
  • CVE-2022-1928
    Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gitea prior to 1.16.9.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 136 | Replies: 0
  • CVE-2022-1927
    Buffer Over-read in GitHub repository vim/vim prior to 8.2.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 114 | Replies: 0
  • CVE-2022-25878
    The package protobufjs before 6.11.3 are vulnerable to Prototype Pollution which can allow an attacker to add/modify properties of the Object.prototype. This vulnerability can occur in multiple ways: ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 114 | Replies: 0
  • CVE-2021-27781
    The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 119 | Replies: 0
  • CVE-2021-27780
    The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 115 | Replies: 0
  • CVE-2022-1897
    Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 103 | Replies: 0
  • CVE-2022-20807
    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 96 | Replies: 0
  • CVE-2022-20806
    Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 125 | Replies: 0
  • CVE-2022-20802
    A vulnerability in the web interface of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interfa ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 130 | Replies: 0
  • CVE-2022-20797
    A vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an authenticated, remote attacker to execute arbitrary comm ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 109 | Replies: 0
  • CVE-2022-20765
    A vulnerability in the web applications of Cisco UCS Director could allow an authenticated, remote attacker to conduct a cross-site scripting attack on an affected system. This vulnerability is due to ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 114 | Replies: 0
  • CVE-2022-20674
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 110 | Replies: 0
  • CVE-2022-20673
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:39 | Views: 104 | Replies: 0
  • CVE-2022-20672
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 89 | Replies: 0
  • CVE-2022-20671
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 96 | Replies: 0
  • CVE-2022-20670
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 82 | Replies: 0
  • CVE-2022-20669
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 87 | Replies: 0
  • CVE-2022-20668
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 85 | Replies: 0
  • CVE-2022-20667
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 109 | Replies: 0
  • CVE-2022-20666
    Multiple vulnerabilities in the web-based management interface of Cisco Common Services Platform Collector (CSPC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 112 | Replies: 0
  • CVE-2022-1909
    Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 98 | Replies: 0
  • CVE-2022-1908
    Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 99 | Replies: 0
  • CVE-2022-1907
    Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 90 | Replies: 0
  • CVE-2022-1898
    Use After Free in GitHub repository vim/vim prior to 8.2.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:38 | Views: 96 | Replies: 0
