排序
CVE-2023-27032: PrestaShop AdvancedPopupCreator – SQL Injection
漏洞标题 CVE-2023-27032: PrestaShop AdvancedPopupCreator - SQL Injection 漏洞描述 In the module “Advanced Popup Creator” (advancedpopupcreator) from Idnovate for PrestaShop, a gu...
2023年9月27日 08:37CVE-2023-28121: WooCommerce Payments – Unauthorized Admin Access
漏洞标题 CVE-2023-28121: WooCommerce Payments - Unauthorized Admin Access 漏洞描述 An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an unauth...
2023年9月27日 08:05CVE-2023-3843: mooDating 1.2 – Cross-site scripting
漏洞标题 CVE-2023-3843: mooDating 1.2 - Cross-site scripting 漏洞描述 A vulnerability was found in mooSocial mooDating 1.2. It has been classified as problematic. Affected is an un...
2023年9月27日 06:11CVE-2023-1315: osTicket < v1.16.6 - Cross-Site Scripting
漏洞标题 CVE-2023-1315: osTicket < v1.16.6 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository osticket/osticket prior to v1.16.6. PoC代...
2023年9月26日 19:02CVE-2023-1496: Imgproxy < 3.14.0 - Cross-site Scripting (XSS)
漏洞标题 CVE-2023-1496: Imgproxy < 3.14.0 - Cross-site Scripting (XSS) 漏洞描述 Cross-site Scripting (XSS) - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. Po...
2023年9月26日 17:39CVE-2023-2624: KiviCare WordPress Plugin – Cross-Site Scripting
漏洞标题 CVE-2023-2624: KiviCare WordPress Plugin - Cross-Site Scripting 漏洞描述 The KiviCare WordPress plugin before 3.2.1 does not sanitise and escape the 'filterType'...
2023年9月26日 08:58CVE-2023-6977: Mlflow <2.8.0 - Local File Inclusion
漏洞标题 CVE-2023-6977: Mlflow <2.8.0 - Local File Inclusion 漏洞描述 Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflo...
2023年9月26日 08:08CVE-2023-0678: PHPIPAM
漏洞标题 CVE-2023-0678: PHPIPAM <v1.5.1 - Missing Authorization 漏洞描述 In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains...
2023年9月26日 07:14CVE-2023-38964: Academy LMS 6.0 – Cross-Site Scripting
漏洞标题 CVE-2023-38964: Academy LMS 6.0 - Cross-Site Scripting 漏洞描述 Creative Item Academy LMS 6.0 was discovered to contain a cross-site scripting (XSS) vulnerability through ...
2023年9月26日 06:27CVE-2023-30192: PrestaShop ‘possearchproducts’ <= 1.7 - SQL Injection
漏洞标题 CVE-2023-30192: PrestaShop 'possearchproducts' <= 1.7 - SQL Injection 漏洞描述 In the module “Search Products” (possearchproducts) from PosThemes for Presta...
2023年9月26日 04:01CVE-2023-6977: Mlflow <2.8.0 - Local File Inclusion
漏洞标题 CVE-2023-6977: Mlflow <2.8.0 - Local File Inclusion 漏洞描述 Mlflow before 2.8.0 is susceptible to local file inclusion due to path traversal in GitHub repository mlflo...
2023年9月26日 00:47CVE-2023-32315-2: Openfire身份认证绕过漏洞
漏洞标题 CVE-2023-32315-2: Openfire身份认证绕过漏洞 漏洞描述 Openfire is an XMPP server licensed under the Open Source Apache License. Openfire's administrative console, a web...
2023年9月26日 00:09CVE-2023-37988: Contact Form Generator <= 2.5.5 - Cross-Site Scripting
漏洞标题 CVE-2023-37988: Contact Form Generator <= 2.5.5 - Cross-Site Scripting 漏洞描述 The Contact Form Generator plugin for WordPress is vulnerable to Reflected Cross-Site Sc...
2023年9月25日 12:11CVE-2023-50094: reNgine 2.2.0 – Command Injection
漏洞标题 CVE-2023-50094: reNgine 2.2.0 - Command Injection 漏洞描述 reNgine before 2.1.2 allows OS Command Injection if an adversary has a valid session ID. The attack places shell...
2023年9月24日 22:16CVE-2023-42344: OpenCMS – XML external entity (XXE)
漏洞标题 CVE-2023-42344: OpenCMS - XML external entity (XXE) 漏洞描述 users can execute code without authentication. An attacker can execute malicious requests on the OpenCms serve...
2023年9月24日 22:06Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518)
漏洞标题 Atlassian Confluence /json/setup-restore.action 文件上传漏洞(CVE-2023-22518) 漏洞描述 Atlassian Confluence是一款企业知识管理与协作软件。该漏洞存在于Atlassian Confluence...
2023年9月24日 18:54
