• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

CVE漏洞

RSS
  • CVE-2020-21405
    CVE-2020-21405
    An issue was discovered in H96 Smart TV Box H96 Pro Plus allows attackers to corrupt files via calls to the saveDeepColorAttr service.unk……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:844 | 回复:0
  • CVE-2020-21406
    CVE-2020-21406
    An issue was discovered in RK Smart TV Box MAX and V88 SmartTV box that allows attackers to cause a denial of service via the switchNextDisplayInterface service.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:589 | 回复:0
  • CVE-2021-36849
    CVE-2021-36849
    Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau's Social Media Share Buttons plugin = 3.8.1 at WordPress.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:657 | 回复:0
  • CVE-2022-29454
    CVE-2022-29454
    Cross-Site Request Forgery (CSRF) vulnerability in WordPlus Better Messages plugin = 1.9.9.148 at WordPress allows attackers to upload files. File attachment to messages must be activated.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:17 | 阅读:713 | 回复:0
  • CVE-2022-35890
    CVE-2022-35890
    An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. Designer and Vision Client Session IDs are mishandled. An attacker can determine which session IDs were ge ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:916 | 回复:0
  • CVE-2022-35901
    CVE-2022-35901
    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a J2K file conta ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:487 | 回复:0
  • CVE-2022-35902
    CVE-2022-35902
    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file cont ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:491 | 回复:0
  • CVE-2022-35903
    CVE-2022-35903
    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a 3DS file conta ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:489 | 回复:0
  • CVE-2022-35904
    CVE-2022-35904
    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an IFC file cont ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:550 | 回复:0
  • CVE-2022-35905
    CVE-2022-35905
    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an FBX file cont ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:543 | 回复:0
  • CVE-2022-35906
    CVE-2022-35906
    An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open a DGN file conta ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:529 | 回复:0
  • CVE-2017-20130
    CVE-2017-20130
    A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:465 | 回复:0
  • CVE-2017-20131
    CVE-2017-20131
    A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argume ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:666 | 回复:0
  • CVE-2017-20132
    CVE-2017-20132
    A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manip ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:523 | 回复:0
  • CVE-2017-20133
    CVE-2017-20133
    A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:483 | 回复:0
  • CVE-2017-20134
    CVE-2017-20134
    A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of t ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:650 | 回复:0
  • CVE-2017-20135
    CVE-2017-20135
    A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argu ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:808 | 回复:0
  • CVE-2017-20136
    CVE-2017-20136
    A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input = ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:603 | 回复:0
  • CVE-2017-20137
    CVE-2017-20137
    A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with t ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:511 | 回复:0
  • CVE-2017-20138
    CVE-2017-20138
    A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the inpu ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:506 | 回复:0
  • CVE-2021-34538
    CVE-2021-34538
    Apache Hive before 3.1.3 CREATE and DROP function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an exis ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:846 | 回复:0
  • CVE-2021-36711
    CVE-2021-36711
    WebInterface in OctoBot before 0.4.4 allows remote code execution because Tentacles upload is mishandled.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:733 | 回复:0
  • CVE-2022-36126
    CVE-2022-36126
    An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:974 | 回复:0
  • CVE-2015-10003
    CVE-2015-10003
    A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended inter ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:710 | 回复:0
  • CVE-2020-7641
    CVE-2020-7641
    This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:708 | 回复:0
  • CVE-2021-24655
    CVE-2021-24655
    The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the passwor ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:727 | 回复:0
  • CVE-2022-1672
    CVE-2022-1672
    The Insights from Google PageSpeed WordPress plugin before 4.0.7 does not verify for CSRF before doing various actions such as deleting Custom URLs, which could allow attackers to make a logged in adm ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:962 | 回复:0
  • CVE-2022-1933
    CVE-2022-1933
    The CDI WordPress plugin before 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:662 | 回复:0
  • CVE-2022-2090
    CVE-2022-2090
    The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cros ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:826 | 回复:0
  • CVE-2022-2099
    CVE-2022-2099
    The WooCommerce WordPress plugin before 6.6.0 is vulnerable to stored HTML injection due to lack of escaping and sanitizing in the payment gateway titles……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:741 | 回复:0
  • CVE-2022-2100
    CVE-2022-2100
    The Page Generator WordPress plugin before 1.6.5 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:568 | 回复:0
  • CVE-2022-2114
    CVE-2022-2114
    The Data Tables Generator by Supsystic WordPress plugin before 1.10.20 does not sanitise and escape some of its Table settings, which could allow high privilege users such as admin to perform Stored C ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:676 | 回复:0
  • CVE-2022-2118
    CVE-2022-2118
    The 404s WordPress plugin before 3.5.1 does not sanitise and escape its fields, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capabi ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:625 | 回复:0
  • CVE-2022-2133
    CVE-2022-2133
    The OAuth Single Sign On WordPress plugin before 6.22.6 doesn't validate that OAuth access token requests are legitimate, which allows attackers to log onto the site with the only knowledge of a u ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:662 | 回复:0
  • CVE-2022-2144
    CVE-2022-2144
    The Jquery Validation For Contact Form 7 WordPress plugin before 5.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change Blog opt ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:1047 | 回复:0
  • CVE-2022-2146
    CVE-2022-2146
    The Import CSV Files WordPress plugin through 1.0 does not sanitise and escaped imported data before outputting them back in a page, and is lacking CSRF check when performing such action as well, resu ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:902 | 回复:0
  • CVE-2022-2148
    CVE-2022-2148
    The LinkedIn Company Updates WordPress plugin through 1.5.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:754 | 回复:0
  • CVE-2022-2149
    CVE-2022-2149
    The Very Simple Breadcrumb WordPress plugin through 1.0 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unf ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:897 | 回复:0
  • CVE-2022-2151
    CVE-2022-2151
    The Best Contact Management Software WordPress plugin through 3.7.3 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even ...……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:508 | 回复:0
  • CVE-2022-2168
    CVE-2022-2168
    The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting……
    作者:菜鸟教程小白 | 时间:2022-7-29 17:16 | 阅读:492 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

热门推荐
专题导读
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap