• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号
登陆 注册
OStack程序员社区-中国程序员成长平台 门户 漏洞

漏洞

RSS

下级分类:

  • CVE-2021-25926
    CVE漏洞
    CVE-2021-25926
    In SiCKRAGE, versions 9.3.54.dev1 to 10.0.11.dev1 are vulnerable to Reflected Cross-Site-Scripting (XSS) due to user input not being validated properly in the `quicksearch` feature. Therefore, an atta ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:22 | 回复:0
  • CVE-2021-25925
    CVE漏洞
    CVE-2021-25925
    in SiCKRAGE, versions 4.2.0 to 10.0.11.dev1 are vulnerable to Stored Cross-Site-Scripting (XSS) due to user input not being validated properly when processed by the server. Therefore, an attacker can ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:21 | 回复:0
  • CVE-2021-24231
    CVE漏洞
    CVE-2021-24231
    The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged administrator disconnect the site from Pat ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:23 | 回复:0
  • CVE-2021-24230
    CVE漏洞
    CVE-2021-24230
    The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:16 | 回复:0
  • CVE-2021-24229
    CVE漏洞
    CVE-2021-24229
    The Jetpack Scan team identified a Reflected Cross-Site Scripting via the patreon_save_attachment_patreon_level AJAX action of the Patreon WordPress plugin before 1.7.2. This AJAX hook is used to upda ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:30 | 回复:0
  • CVE-2021-24228
    CVE漏洞
    CVE-2021-24228
    The Jetpack Scan team identified a Reflected Cross-Site Scripting in the Login Form of the Patreon WordPress plugin before 1.7.2. The WordPress login form (wp-login.php) is hooked by the plugin and of ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:15 | 回复:0
  • CVE-2021-24227
    CVE漏洞
    CVE-2021-24227
    The Jetpack Scan team identified a Local File Disclosure vulnerability in the Patreon WordPress plugin before 1.7.0 that could be abused by anyone visiting the site. Using this attack vector, an attac ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:14 | 回复:0
  • CVE-2021-24226
    CVE漏洞
    CVE-2021-24226
    In the AccessAlly WordPress plugin before 3.5.7, the file resource/frontend/product/product-shortcode.php responsible for the shortcode is dumping serialize($_SERVER), which contains all environment ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:33 | 回复:0
  • CVE-2021-24225
    CVE漏洞
    CVE-2021-24225
    The Advanced Booking Calendar WordPress plugin before 1.6.7 did not sanitise the calId GET parameter in the Seasons Calendars page before outputing it in an A tag, leading to a reflected XSS issue……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:20 | 回复:0
  • CVE-2021-24224
    CVE漏洞
    CVE-2021-24224
    The EFBP_verify_upload_file AJAX action of the Easy Form Builder WordPress plugin through 1.0, available to authenticated users, does not have any security in place to verify uploaded files, allowing ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:17 | 回复:0
  • CVE-2021-24223
    CVE漏洞
    CVE-2021-24223
    The N5 Upload Form WordPress plugin through 1.0 suffers from an arbitrary file upload issue in page where a Form from the plugin is embed, as any file can be uploaded. The uploaded filename might be h ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:20 | 回复:0
  • CVE-2021-24222
    CVE漏洞
    CVE-2021-24222
    The WP-Curriculo Vitae Free WordPress plugin through 6.3 suffers from an arbitrary file upload issue in page where the is embed. The form allows unauthenticated user to register and submit files for ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:30 | 回复:0
  • CVE-2021-24221
    CVE漏洞
    CVE-2021-24221
    The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin for WordPress plugin before 7.1.12 did not sanitise the result_id GET parameter on pages with the shortcode without id attribute, c ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:25 | 回复:0
  • CVE-2021-24220
    CVE漏洞
    CVE-2021-24220
    Thrive “Legacy” Rise by Thrive Themes WordPress theme before 2.0.0, Luxe by Thrive Themes WordPress theme before 2.0.0, Minus by Thrive Themes WordPress theme before 2.0.0, Ignition by Thrive Themes ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:18 | 回复:0
  • CVE-2021-24219
    CVE漏洞
    CVE-2021-24219
    The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:19 | 回复:0
  • CVE-2021-24218
    CVE漏洞
    CVE-2021-24218
    The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:19 | 回复:0
  • CVE-2021-24217
    CVE漏洞
    CVE-2021-24217
    The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user supplied data making it possible for PHP objects to be supplied creating an Object Injection vulnerability. ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:24 | 回复:0
  • CVE-2021-24215
    CVE漏洞
    CVE-2021-24215
    An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress plugin before 1.5.2. Uncontrolled access to the website customization functionality and global CMS sett ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:19 | 回复:0
  • CVE-2021-24213
    CVE漏洞
    CVE-2021-24213
    The GiveWP – Donation Plugin and Fundraising Platform WordPress plugin before 2.10.0 was affected by a reflected Cross-Site Scripting vulnerability inside of the administration panel, via the &#3 ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:17 | 回复:0
  • CVE-2021-24200
    CVE漏洞
    CVE-2021-24200
    The wpDataTables – Tables Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:22 | 回复:0
  • CVE-2021-24199
    CVE漏洞
    CVE-2021-24199
    The wpDataTables – Tables Table Charts premium WordPress plugin before 3.4.2 allows a low privilege authenticated user to perform Boolean-based blind SQL Injection in the table list page on the endp ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:28 | 回复:0
  • CVE-2021-24198
    CVE漏洞
    CVE-2021-24198
    The wpDataTables – Tables Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tam ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:34 | 回复:0
  • CVE-2021-24197
    CVE漏洞
    CVE-2021-24197
    The wpDataTables – Tables Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tam ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:27 | 回复:0
  • CVE-2021-23370
    CVE漏洞
    CVE-2021-23370
    This affects the package swiper before 6.5.1.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:35 | 回复:0
  • CVE-2021-23369
    CVE漏洞
    CVE-2021-23369
    The package handlebars before 4.7.7 are vulnerable to Remote Code Execution (RCE) when selecting certain compiling options to compile templates coming from an untrusted source.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:32 | 回复:0
  • CVE-2021-23368
    CVE漏洞
    CVE-2021-23368
    The package postcss from 7.0.0 and before 8.2.10 are vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:22 | 回复:0
  • CVE-2020-28872
    CVE漏洞
    CVE-2020-28872
    An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation/_register.php allows an unauthorized person to create valid credentials.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:20 | 回复:0
  • CVE-2021-23371
    CVE漏洞
    CVE-2021-23371
    This affects the package chrono-node before 2.2.4. It hangs on a date-like string with lots of embedded spaces.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:28 | 回复:0
  • CVE-2020-24285
    CVE漏洞
    CVE-2020-24285
    INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:18 | 回复:0
  • CVE-2021-29379
    CVE漏洞
    CVE-2021-29379
    ** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:27 | 回复:0
  • CVE-2021-28879
    CVE漏洞
    CVE-2021-28879
    In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is us ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:13 | 回复:0
  • CVE-2021-28878
    CVE漏洞
    CVE-2021-28878
    In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:21 | 回复:0
  • CVE-2021-28877
    CVE漏洞
    CVE-2021-28877
    In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:28 | 回复:0
  • CVE-2021-28876
    CVE漏洞
    CVE-2021-28876
    In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panic ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:11 | 回复:0
  • CVE-2021-28875
    CVE漏洞
    CVE-2021-28875
    In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:12 | 回复:0
  • CVE-2020-36318
    CVE漏洞
    CVE-2020-36318
    In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or doubl ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:17 | 回复:0
  • CVE-2020-36317
    CVE漏洞
    CVE-2020-36317
    In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could resu ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:11 | 回复:0
  • CVE-2015-20001
    CVE漏洞
    CVE-2015-20001
    In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range p ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:21 | 回复:0
  • CVE-2021-30485
    CVE漏洞
    CVE-2021-30485
    An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd(), while parsing a crafted XML file, performs incorrect memory handling, leading to a NULL pointer dereference whi ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:20 | 回复:0
  • CVE-2021-30481
    CVE漏洞
    CVE-2021-30481
    Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after on ...……
    作者:菜鸟教程小白 | 时间:2022-2-5 10:32 | 阅读:24 | 回复:0

关注我们

极客给你想要的成长

关注极客中国获取最新资讯

加入Q群 官方微博
热门推荐
More+
专题导读
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap