
Vulnerabilities

Subcategories:

  • CVE-2017-20068
    A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/usermanagement.php. The manipulation leads ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 116 | Replies: 0
  • CVE-2017-20067
    A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argumen ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 107 | Replies: 0
  • CVE-2022-31062
    ### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file can be deleted if deploy feature is not u ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 112 | Replies: 0
  • CVE-2017-20066
    A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to laun ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 101 | Replies: 0
  • CVE-2017-20065
    A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack ma ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 109 | Replies: 0
  • CVE-2022-2128
    Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 101 | Replies: 0
  • CVE-2022-22414
    IBM Robotic Process Automation 21.0.2 could allow a local user to obtain sensitive web service configuration credentials from system memory. IBM X-Force ID: 223026.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 90 | Replies: 0
  • CVE-2022-22318
    IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 165 | Replies: 0
  • CVE-2022-22317
    IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 148 | Replies: 0
  • CVE-2022-33913
    In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 137 | Replies: 0
  • CVE-2022-32983
    Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 166 | Replies: 0
  • CVE-2022-31795
    An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to in ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 122 | Replies: 0
  • CVE-2022-31794
    An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is ab ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 120 | Replies: 0
  • CVE-2022-2134
    Denial of Service in GitHub repository inventree/inventree prior to 0.8.0.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 142 | Replies: 0
  • CVE-2022-1720
    Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 130 | Replies: 0
  • CVE-2021-41683
    There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 110 | Replies: 0
  • CVE-2021-41682
    There is a heap-use-after-free at ecma-helpers-string.c:1940 in ecma_compare_ecma_non_direct_strings in JerryScript 2.4.0
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 113 | Replies: 0
  • CVE-2022-25772
    A cross-site scripting (XSS) vulnerability in the web tracking component of Mautic before 4.3.0 allows remote attackers to inject executable javascript
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 136 | Replies: 0
  • CVE-2022-1945
    The Coming Soon Maintenance Mode by Colorlib WordPress plugin before 1.0.99 does not sanitize and escape some settings, allowing high privilege users such as admin to perform Stored Cross-Site Script ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 278 | Replies: 0
  • CVE-2022-1939
    The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 121 | Replies: 0
  • CVE-2022-1915
    The WP Zillow Review Slider WordPress plugin before 2.4 does not escape a settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capabil ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 49 | Replies: 0
  • CVE-2022-1905
    The Events Made Easy WordPress plugin before 2.2.81 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 33 | Replies: 0
  • CVE-2022-1896
    The underConstruction WordPress plugin before 1.21 does not sanitise or escape the Display a custom page using your own HTML setting before outputting it, allowing high privilege users to perform Cros ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 28 | Replies: 0
  • CVE-2022-1895
    The underConstruction WordPress plugin before 1.20 does not have CSRF check in place when deactivating the construction mode, which could allow attackers to make a logged in admin perform such action ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 33 | Replies: 0
  • CVE-2022-1889
    The Newsletter WordPress plugin before 7.4.6 does not escape and sanitise the preheader_text setting, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unf ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 33 | Replies: 0
  • CVE-2022-1832
    The CaPa Protect WordPress plugin through 0.5.8.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 31 | Replies: 0
  • CVE-2022-1831
    The WPlite WordPress plugin through 1.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 40 | Replies: 0
  • CVE-2022-1830
    The Amazon Einzeltitellinks WordPress plugin through 1.3.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF at ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 36 | Replies: 0
  • CVE-2022-1829
    The Inline Google Maps WordPress plugin through 5.11 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 43 | Replies: 0
  • CVE-2022-1828
    The PDF24 Articles To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF atta ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 51 | Replies: 0
  • CVE-2022-1827
    The PDF24 Article To PDF WordPress plugin through 4.2.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attac ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 34 | Replies: 0
  • CVE-2022-1826
    The Cross-Linker WordPress plugin through 3.0.1.9 does not have CSRF check in place when creating Cross-Links, which could allow attackers to make a logged in admin perform such action via a CSRF atta ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 53 | Replies: 0
  • CVE-2022-1824
    An uncontrolled search path vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local attacker to perform a sideloading attack by using a specific file name. ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 50 | Replies: 0
  • CVE-2022-1823
    Improper privilege management vulnerability in McAfee Consumer Product Removal Tool prior to version 10.4.128 could allow a local user to modify a configuration file and perform a LOLBin (Living off t ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 43 | Replies: 0
  • CVE-2022-1818
    The Multi-page Toolkit WordPress plugin through 2.6 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack an ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 54 | Replies: 0
  • CVE-2022-1801
    The Very Simple Contact Form WordPress plugin before 11.6 exposes the solution to the captcha in the rendered contact form, both as hidden input fields and as plain text in the page, making it very ea ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 68 | Replies: 0
  • CVE-2022-1717
    The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cro ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 54 | Replies: 0
  • CVE-2022-1630
    The WP-EMail WordPress plugin before 2.69.0 does not protect its log deletion functionality with nonce checks, allowing attacker to make a logged in admin delete logs via a CSRF attack
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 63 | Replies: 0
  • CVE-2022-1614
    The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restri ...
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 63 | Replies: 0
  • CVE-2022-1610
    The Seamless Donations WordPress plugin before 5.1.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
    Author: 菜鸟教程小白 | Time: 2022-6-23 09:07 | Views: 75 | Replies: 0
