漏洞 - 第92页-OGeek|极客世界-中国程序员成长平台

OGeek|极客世界-中国程序员成长平台 › 门户 ›漏洞

漏洞

RSS

下级分类:

CVE漏洞

CVE-2022-1086

A vulnerability was found in DolphinPHP up to 1.5.0 and classified as problematic. Affected by this issue is the User Management Page. The manipulation leads to cross site scripting. The attack may be ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：67 | 回复：0
CVE漏洞

CVE-2022-1085

A vulnerability was found in CLTPHP up to 6.0. It has been declared as problematic. Affected by this vulnerability is the POST Parameter Handler. The manipulation leads to cross site scripting. The at ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：85 | 回复：0
CVE漏洞

CVE-2022-1084

A vulnerability classified as critical was found in SourceCodester One Church Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /one_church/userregister.php ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：62 | 回复：0
CVE漏洞

CVE-2022-1083

A vulnerability classified as critical has been found in Microfinance Management System. The manipulation of arguments like customer_type_number/account_number/account_status_number/account_type_numbe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：76 | 回复：0
CVE漏洞

CVE-2022-1082

A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been rated as critical. This issue affects the file /mims/login.php of the Login Page. The manipulation of the ar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：59 | 回复：0
CVE漏洞

CVE-2022-1081

A vulnerability was found in SourceCodester Microfinance Management System 1.0. It has been declared as problematic. This vulnerability affects the file /mims/app/addcustomerHandler.php. The manipulat ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：70 | 回复：0
CVE漏洞

CVE-2022-1080

A vulnerability was found in SourceCodester One Church Management System 1.0. It has been declared as critical. This vulnerability affects code of the file attendancy.php as the manipulation of the ar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：80 | 回复：0
CVE漏洞

CVE-2022-1079

A vulnerability classified as problematic has been found in SourceCodester One Church Management System. Affected are multiple files and parameters which are prone to to cross site scripting. It is po ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：75 | 回复：0
CVE漏洞

CVE-2022-1078

A vulnerability was found in SourceCodester College Website Management System 1.0. It has been classified as critical. Affected is the file /cwms/admin/?page=articles/view_article/. The manipulation o ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：84 | 回复：0
CVE漏洞

CVE-2022-1077

A vulnerability was found in TEM FLEX-1080 and FLEX-1085 1.6.0. It has been declared as problematic. This vulnerability log.cgi of the component Log Handler. A direct request leads to information disc ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：96 | 回复：0
CVE漏洞

CVE-2022-1076

A vulnerability was found in Automatic Question Paper Generator System 1.0. It has been classified as problematic. This affects the file /aqpg/users/login.php of the component My Account Page. The man ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：89 | 回复：0
CVE漏洞

CVE-2022-1075

A vulnerability was found in College Website Management System 1.0 and classified as problematic. Affected by this issue is the file /cwms/classes/Master.php?f=save_contact of the component Contact Ha ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：95 | 回复：0
CVE漏洞

CVE-2022-1074

A vulnerability has been found in TEM FLEX-1085 1.6.0 and classified as problematic. Using the input h1HTML Injection/h1 in the WiFi settings of the dashboard leads to html injection.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：88 | 回复：0
CVE漏洞

CVE-2022-1073

A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：84 | 回复：0
CVE漏洞

CVE-2022-1072

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-26254. Reason: This candidate is a reservation duplicate of CVE-2022-26254. Notes: All CVE users should reference CVE-2022-26254 ins ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：79 | 回复：0
CVE漏洞

CVE-2022-25420

NTT Resonant Incorporated goo blog App Web Application 1.0 is vulnerable to CLRF injection. This vulnerability allows attackers to execute arbitrary code via a crafted HTTP request.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：99 | 回复：0
CVE漏洞

CVE-2022-24957

DHC Vision eQMS through 5.4.8.322 has Persistent XSS due to insufficient encoding of untrusted input/output. To exploit the vulnerability, the attacker has to create or edit a new information object a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：97 | 回复：0
CVE漏洞

CVE-2022-24956

An issue was discovered in Shopware B2B-Suite through 4.4.1. The sort-by parameter of the search functionality of b2border and b2borderlist allows SQL injection. Possible techniques are boolean-based ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：101 | 回复：0
CVE漏洞

CVE-2022-23937

In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：104 | 回复：0
CVE漏洞

CVE-2022-26269

Suzuki Connect v1.0.15 allows attackers to tamper with displayed messages via spoofed CAN messages.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：81 | 回复：0
CVE漏洞

CVE-2022-25521

UNNO v03.11.00 was discovered to contain access control issue.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：73 | 回复：0
CVE漏洞

CVE-2022-0331

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:57 | 阅读：77 | 回复：0
CVE漏洞

CVE-2021-45866

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Student Attendance Management System 1.0 via the couse filed in index.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：56 | 回复：0
CVE漏洞

CVE-2021-45865

A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via the file upload functionality.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：65 | 回复：0
CVE漏洞

CVE-2021-44581

An SQL Injection vulnerabilty exists in Kreado Kreasfero 1.5 via the id parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：57 | 回复：0
CVE漏洞

CVE-2022-26642

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：50 | 回复：0
CVE漏洞

CVE-2022-26641

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：56 | 回复：0
CVE漏洞

CVE-2022-26640

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：53 | 回复：0
CVE漏洞

CVE-2022-26639

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：44 | 回复：0
CVE漏洞

CVE-2022-26296

BOOM: The Berkeley Out-of-Order RISC-V Processor commit d77c2c3 was discovered to allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-43105

A vulnerability in the bailiwick checking function in Technitium DNS Server = v7.0 exists that allows specific malicious users to inject `NS` records of any domain (even TLDs) into the cache and condu ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：37 | 回复：0
CVE漏洞

CVE-2022-26291

lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Se ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：45 | 回复：0
CVE漏洞

CVE-2022-26280

Libarchive v3.6.0 was discovered to contain an out-of-bounds read via the component zipx_lzma_alone_init.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：30 | 回复：0
CVE漏洞

CVE-2022-24789

C1 CMS is an open-source, .NET based Content Management System (CMS). Versions prior to 6.12 allow an authenticated user to exploit Server Side Request Forgery (SSRF) by causing the server to make arb ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：34 | 回复：0
CVE漏洞

CVE-2021-43103

A File Upload vulnerability exists in bbs 5.3 is via ForumManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：35 | 回复：0
CVE漏洞

CVE-2021-43102

A File Upload vulnerability exists in bbs 5.3 is via HelpManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：46 | 回复：0
CVE漏洞

CVE-2021-43101

A File Upload vulnerability exists in bbs 5.3 is via MembershipCardManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-43100

A File Upload vulnerability exists in bbs 5.3 is via TopicManageAction.java in a GetType function, which lets a remote malicious user execute arbitrary code.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：30 | 回复：0
CVE漏洞

CVE-2021-43099

An Archive Extraction (AKA Zip Slip) vulnerability exists in bbs 5.3 in the UpgradeNow function in UpgradeManageAction.java, which unzips the arbitrary upladed zip file without checking filenames. The ...……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：37 | 回复：0
CVE漏洞

CVE-2021-43098

A File Upload vulnerability exists in bbs v5.3 via QuestionManageAction.java in a getType function.……

作者：菜鸟教程小白 | 时间：2022-6-23 10:56 | 阅读：42 | 回复：0