CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-29587

Konica Minolta bizhub MFP devices before 2022-04-14 have an internal Chromium browser that executes with root (aka superuser) access privileges.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29588

Konica Minolta bizhub MFP devices before 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-30782

Openmoney API through 2020-06-29 uses the JavaScript Math.random function, which does not provide cryptographically secure random numbers.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-30011

In HMS 1.0 when requesting appointment.php through POST, multiple parameters can lead to a SQL injection vulnerability.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-30012

In the POST request of the appointment.php page of HMS v.0, there are SQL injection vulnerabilities in multiple parameters, and database information can be obtained through injection.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2021-41927

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2021-42870

ACCEL-PPP 1.12.0 has an out-of-bounds read in post_msg when processing a call_clear_request.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2021-42897

A remote command execution (RCE) vulnerability was found in FeMiner wms V1.0 in /wms/src/system/datarec.php. The $_POST is directly passed into the $mysqlstr and is executed by exec.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2021-42966

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29017

Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29351

An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29353

An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29354

An arbitrary file upload vulnerability in the file upload module of Keystone v4.2.1 allows attackers to execute arbitrary code via a crafted file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29622

An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via a crafted filename. NOTE: some third parties dispute this issue because the product has commo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-29623

An arbitrary file upload vulnerability in the file upload module of Connect-Multiparty v2.2.0 allows attackers to execute arbitrary code via a crafted PDF file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-30013

A stored cross-site scripting (XSS) vulnerability in the upload function of totaljs CMS 3.4.5 allows attackers to execute arbitrary web scripts via a JavaScript embedded PDF file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-30776

atmail 6.5.0 allows XSS via the index.php/admin/index/ error parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-30777

Parallels H-Sphere 3.6.1713 allows XSS via the index_en.php from parameter.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2021-25119

The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-0573

JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-0574

Improper Access Control in GitHub repository publify/publify prior to 9.2.8.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-0578

Code Injection in GitHub repository publify/publify prior to 9.2.8.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-0867

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-0873

The Gmedia Photo Gallery WordPress plugin before 1.20.0 does not sanitise and escape the Album's name before outputting it in pages/posts with a media embed, which could allow high privilege users ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1051

The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not sanitise and escape the city, phone or profile credentials fields when outputting it ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1062

The th23 Social WordPress plugin through 1.2.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1089

The Bulk Edit and Create User Profiles WordPress plugin before 1.5.14 does not sanitise and escape the Users Login, which could allow high privilege users such as admin to perform Stored Cross-Site Sc ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1103

The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1182

The Visual Slide Box Builder WordPress plugin through 3.2.9 does not sanitise and escape various parameters before using them in SQL statements via some of its AJAX actions available to any authentica ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1216

The Advanced Image Sitemap WordPress plugin through 1.2 does not sanitise and escape the PHP_SELF PHP variable before outputting it back in an attribute in an admin page, leading to Reflected Cross-Si ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1217

The Custom TinyMCE Shortcode Button WordPress plugin through 1.1 does not sanitise and escape the PHP_SELF variable before outputting it back in an attribute in an admin page, leading to Reflected Cro ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1265

The BulletProof Security WordPress plugin before 6.1 does not sanitize and escape some of its CAPTCHA settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even whe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1267

The BMI BMR Calculator WordPress plugin through 1.3 does not sanitise and escape arbitrary POST data before outputting it back in the response, leading to a Reflected Cross-Site Scripting……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1334

The WP YouTube Live WordPress plugin before 1.8.3 does not validate, sanitise and escape various of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1349

The WPQA Builder Plugin WordPress plugin before 5.2, used as a companion plugin for the Discy and Himer , does not validate that the value passed to the image_id parameter of the ajax action wpqa_remo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：6 | 回复：0
CVE-2022-1386

The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：7 | 回复：0
CVE-2022-1393

The WP Subtitle WordPress plugin before 3.4.1 adds a subtitle field and provides a shortcode to display it via . The subtitle is stored as a custom post meta with the key: wps_subtitle, which is sanit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：8 | 回复：0
CVE-2022-1398

The External Media without Import WordPress plugin through 1.1.2 does not have any authorisation and does to ensure that medias added via URLs are external medias, which could allow any authenticated ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：8 | 回复：0
CVE-2022-1407

The VikBooking Hotel Booking Engine PMS WordPress plugin before 1.5.8 does not have CSRF check in place when adding a tracking campaign, and does not escape the campaign fields when outputting them I ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：8 | 回复：0
CVE-2022-1408

The VikBooking Hotel Booking Engine PMS WordPress plugin before 1.5.8 does not escape various settings before outputting them in attributes, which could allow high privilege users such as admin to pe ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:36 | 阅读：8 | 回复：0