
CVE Vulnerabilities

  • CVE-2022-1461
    Non Privilege User can Enable or Disable Registered in GitHub repository openemr/openemr prior to 6.1.0.1.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 21 | Replies: 0
  • CVE-2022-28871
    A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much m ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 20 | Replies: 0
  • CVE-2021-36460
    VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registrat ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 20 | Replies: 0
  • CVE-2022-27103
    element-plus 2.0.5 is vulnerable to Cross Site Scripting (XSS) via el-table-column.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 22 | Replies: 0
  • CVE-2022-27135
    xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 19 | Replies: 0
  • CVE-2022-27311
    Gibbon v3.4.4 and below allows attackers to execute a Server-Side Request Forgery (SSRF) via a crafted URL.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 18 | Replies: 0
  • CVE-2022-27428
    A stored cross-site scripting (XSS) vulnerability in /index.php/album/add of GalleryCMS v2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the album_nam ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 19 | Replies: 0
  • CVE-2022-27429
    Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 18 | Replies: 0
  • CVE-2022-28053
    Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 15 | Replies: 0
  • CVE-2022-28506
    There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 20 | Replies: 0
  • CVE-2022-28586
    XSS in edit page of Hoosk 1.8.0 allows attacker to execute javascript code in user browser via edit page with XSS payload bypass filter some special chars.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 17 | Replies: 0
  • CVE-2022-26111
    The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the target server by creating a custom search (or editing an existing/predefined search) of the documents. ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 19 | Replies: 0
  • CVE-2022-28093
    SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allows attackers to execute arbitrary code via a crafted PHP file.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 20 | Replies: 0
  • CVE-2022-28094
    SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 20 | Replies: 0
  • CVE-2022-29078
    The ejs (aka Embedded JavaScript templates) package 3.1.6 for Node.js allows server-side template injection in settings. This is parsed as an internal option, and overwrites the outputFunctionName opt ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 24 | Replies: 0
  • CVE-2021-24800
    The DW Question Answer Pro WordPress plugin through 1.3.4 does not check that the comment to edit belongs to the user making the request, allowing any user to edit other comments.……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 24 | Replies: 0
  • CVE-2021-24805
    The DW Question Answer Pro WordPress plugin through 1.3.4 does not properly check for CSRF in some of its functions, allowing attackers to make logged in users perform unwanted actions, such as updat ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 23 | Replies: 0
  • CVE-2021-24957
    The Advanced Page Visit Counter WordPress plugin before 6.1.6 does not escape the artID parameter before using it in a SQL statement in the apvc_reset_count_art AJAX action, available to any authentic ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 24 | Replies: 0
  • CVE-2021-25094
    The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress's upload directory. By ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 27 | Replies: 0
  • CVE-2021-25111
    The English WordPress Admin WordPress plugin before 1.5.2 does not validate the admin_custom_language_return_url before redirecting users to it, leading to an open redirect issue……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 42 | Replies: 0
  • CVE-2021-39040
    IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable fil ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 52 | Replies: 0
  • CVE-2021-46780
    The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 84 | Replies: 0
  • CVE-2021-46781
    The Coming Soon by Supsystic WordPress plugin before 1.7.6 does not sanitise and escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 87 | Replies: 0
  • CVE-2021-46782
    The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scrip ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 138 | Replies: 0
  • CVE-2021-4225
    The SP Project Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that coul ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 69 | Replies: 0
  • CVE-2022-0287
    The myCred WordPress plugin before 2.4.3.1 does not have any authorisation in place in its mycred-tools-select-user AJAX action, allowing any authenticated user, such as subscriber to call and retriev ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 64 | Replies: 0
  • CVE-2022-0363
    The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the mycred-tools-import-export AJAX action, allowing any authenticated users, such as subscribers, to call i ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 48 | Replies: 0
  • CVE-2022-0398
    The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have authorisation and CSRF checks when creating affiliate links, which could allow any authenticated user, such as ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 39 | Replies: 0
  • CVE-2022-0541
    The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a cloned site, allowing any attacker to initiate a new site install by setting the flo_custom_table_prefix co ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 38 | Replies: 0
  • CVE-2022-0634
    The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization checks in the ta_insert_external_image action, allowing a low-privilege user (with a role as low as Subs ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 38 | Replies: 0
  • CVE-2022-0656
    The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated user ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 37 | Replies: 0
  • CVE-2022-0657
    The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin before 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtngg_delete ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 52 | Replies: 0
  • CVE-2022-0693
    The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 71 | Replies: 0
  • CVE-2022-0769
    The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the data_target parameter before it is being interpolated in an SQL statement and then executed via the rating_vote ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 97 | Replies: 0
  • CVE-2022-0782
    The Donations WordPress plugin through 1.8 does not sanitise and escape the nd_donations_id parameter before using it in a SQL statement via the nd_donations_single_cause_form_validate_fields_php_func ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 60 | Replies: 0
  • CVE-2022-0876
    The Social comments by WpDevArt WordPress plugin before 2.5.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when u ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 63 | Replies: 0
  • CVE-2022-0953
    The Anti-Malware Security and Brute-Force Firewall WordPress plugin before 4.20.96 does not sanitise and escape the QUERY_STRING before outputting it back in an admin page, leading to a Reflected Cros ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 36 | Replies: 0
  • CVE-2022-1027
    The Page Restriction WordPress (WP) WordPress plugin before 1.2.7 allows bad actors with administrator privileges to the settings page to inject Javascript code to its settings leading to stored Cross ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 30 | Replies: 0
  • CVE-2022-1092
    The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its mycred-tools-import-export AJAX action, allowing any authenticated user to call and retrieve the list of ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 41 | Replies: 0
  • CVE-2022-1094
    The amr users WordPress plugin before 4.59.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even ...……
    Author: 菜鸟教程小白 | Time: 2022-6-23 10:17 | Views: 33 | Replies: 0
