漏洞 - 第255页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-32363

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/view_category.php?id=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE漏洞

CVE-2022-32362

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_category.php?id=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE漏洞

CVE-2022-32359

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_category.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：10 | 回复：0
CVE漏洞

CVE-2022-32358

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_inquiry.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE漏洞

CVE-2022-32355

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/view_productid=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-32354

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=user/manage_userid=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-32353

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/categories/manage_field_order.php?id=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31060

Discourse is an open-source discussion platform. Prior to version 2.8.4 in the `stable` branch and version `2.9.0.beta5` in the `beta` and `tests-passed` branches, banner topic data is exposed on logi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31050

TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, Admin Tool sessions initiated via the TYPO3 backend user interface had not been revoked even ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31049

TYPO3 is an open source web content management system. Prior to versions 9.5.34 ELTS, 10.4.29, and 11.5.11, user submitted content was used without being properly encoded in HTML emails sent to users. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31048

TYPO3 is an open source web content management system. Prior to versions 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the Form Designer backend module of the Form Framework is vulnerable to cross-s ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31047

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, system internal credentials or keys (e.g. database credentials) ca ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31046

TYPO3 is an open source web content management system. Prior to versions 7.6.57 ELTS, 8.7.47 ELTS, 9.5.34 ELTS, 10.4.29, and 11.5.11, the export functionality fails to limit the result set to allowed ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-29241

Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter Notebook. Prior to version 1.17.1, if notebook server is started with a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE漏洞

CVE-2022-32239

When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the us ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-32238

When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavaila ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE漏洞

CVE-2022-32237

When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily u ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE漏洞

CVE-2022-32236

When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：13 | 回复：0
CVE漏洞

CVE-2022-31059

Discourse Calendar is a calendar plugin for Discourse, an open-source messaging app. Prior to version 1.0.1, parsing and rendering of Event names can be susceptible to cross-site scripting (XSS) attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-32235

When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0
CVE漏洞

CVE-2022-31595

SAP Financial Consolidation - version 1010,?does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-31594

A highly privileged user can exploit SUID-root program to escalate his privileges to root on a local Unix system.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：11 | 回复：0
CVE漏洞

CVE-2022-31590

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program f ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：13 | 回复：0
CVE漏洞

CVE-2022-31589

Due to improper authorization check, business users who are using Israeli File from SHAAM program (/ATL/VQ23 transaction), are granted more than needed authorization to perform certain transaction, wh ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-29618

Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-29615

SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x. The application's confidentiality and integrity could have a l ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：16 | 回复：0
CVE漏洞

CVE-2022-29614

SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：27 | 回复：0
CVE漏洞

CVE-2022-32367

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiryid=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：37 | 回复：0
CVE漏洞

CVE-2022-32366

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：62 | 回复：0
CVE漏洞

CVE-2022-32365

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：42 | 回复：0
CVE漏洞

CVE-2022-32364

Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_productid=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：29 | 回复：0
CVE漏洞

CVE-2022-30903

Nokia G-2425G-A Bharti Airtel Routers Hardware version 3FE48299DEAA Software Version 3FE49362IJHK42 is vulnerable to Cross-Site Scripting (XSS) via the admin-MaintenanceDevice Management.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：60 | 回复：0
CVE漏洞

CVE-2022-29238

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with `ContentsManager.allow_hidden = False` only ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：30 | 回复：0
CVE漏洞

CVE-2022-21504

The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was sti ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：23 | 回复：0
CVE漏洞

CVE-2022-32561

An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were found to be insufficient when it was discovered that diagnostic endpoints co ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：16 | 回复：0
CVE漏洞

CVE-2022-32559

An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：19 | 回复：0
CVE漏洞

CVE-2022-32557

An issue was discovered in Couchbase Server before 7.0.4. The Index Service does not enforce authentication for TCP/TLS servers.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：15 | 回复：0
CVE漏洞

CVE-2022-32337

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-31403

ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：14 | 回复：0
CVE漏洞

CVE-2022-31289

https://ossindex.sonatype.org/ Sonatype Nexus Repository Manager OSS 3.37.3-02 is affected by: Incorrect Access Control. The impact is: Authentication Bypass (remote). The component is: Admin Panel. T ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:05 | 阅读：12 | 回复：0