CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2021-36819

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：127 | 回复：0
CVE-2021-36820

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2021. Notes: none.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：114 | 回复：0
CVE-2022-0743

Cross-site Scripting (XSS) - Stored in GitHub repository getgrav/grav prior to 1.7.31.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：182 | 回复：0
CVE-2022-23906

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：134 | 回复：0
CVE-2022-23907

CMS Made Simple v2.2.15 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the parameter m1_fmmessage.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：126 | 回复：0
CVE-2022-25028

Home Owners Collection Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the collected_by parameter under the List of Collections module.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：133 | 回复：0
CVE-2022-25029

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-25096. Reason: This candidate is a duplicate of CVE-2022-25096. Notes: All CVE users should reference CVE-2022-25096 instead of this ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：133 | 回复：0
CVE-2022-25407

Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：127 | 回复：0
CVE-2022-25408

Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the dpassword parameter at /admin-panel1.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：142 | 回复：0
CVE-2022-25409

Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the demail parameter at /admin-panel1.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：120 | 回复：0
CVE-2022-25410

Maxsite CMS v180 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_file_description at /admin/files.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：132 | 回复：0
CVE-2022-25411

A Remote Code Execution (RCE) vulnerability at /admin/options in Maxsite CMS v180 allows attackers to execute arbitrary code via a crafted PHP file.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：117 | 回复：0
CVE-2022-25412

Maxsite CMS v180 was discovered to contain multiple arbitrary file deletion vulnerabilities in /admin_page/all-files-update-ajax.php via the dir and deletefile parameters.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：115 | 回复：0
CVE-2022-25413

Maxsite CMS v108 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the parameter f_tags at /admin/page_edit/3.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：119 | 回复：0
CVE-2022-26332

Cipi 3.1.15 allows Add Server stored XSS via the /api/servers name field.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：202 | 回复：0
CVE-2020-12775

Hicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to per ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：198 | 回复：0
CVE-2021-42767

A directory traversal vulnerability in the apoc plugins in Neo4J Graph database before 4.4.0.1 allows attackers to read local files, and sometimes create local files. This is fixed in 3.5.17, 4.2.10, ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：225 | 回复：0
CVE-2021-42951

A Remote Code Execution (RCE) vulnerability exists in Algorithmia MSOL all versions before October 10 2021 of SaaS. Users can register for an account and are allocated a set number of credits to try t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：226 | 回复：0
CVE-2021-44961

A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide mali ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：199 | 回复：0
CVE-2021-44962

An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：242 | 回复：0
CVE-2022-22262

ROG Live Service’s function for deleting temp files created by installation has an improper link resolution before file access vulnerability. Since this function does not validate the path before del ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：218 | 回复：0
CVE-2022-24446

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers (and user information) even if no SSH server or user is associated to the ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：278 | 回复：0
CVE-2022-25018

Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：259 | 回复：0
CVE-2022-25020

A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：232 | 回复：0
CVE-2022-25022

A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:32 | 阅读：212 | 回复：0
CVE-2021-46633

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：92 | 回复：0
CVE-2021-46634

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：198 | 回复：0
CVE-2021-46635

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：92 | 回复：0
CVE-2021-46636

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：86 | 回复：0
CVE-2021-46637

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerab ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：80 | 回复：0
CVE-2021-46638

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：47 | 回复：0
CVE-2021-46639

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：36 | 回复：0
CVE-2021-46640

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：31 | 回复：0
CVE-2021-46641

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：34 | 回复：0
CVE-2021-46642

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that th ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：25 | 回复：0
CVE-2021-46643

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：25 | 回复：0
CVE-2021-46644

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：19 | 回复：0
CVE-2021-46645

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：18 | 回复：0
CVE-2021-46646

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：18 | 回复：0
CVE-2021-46647

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:31 | 阅读：20 | 回复：0