排序
CVE-2023-0236: WordPress Tutor LMS <2.0.10 - Cross Site Scripting
漏洞标题 CVE-2023-0236: WordPress Tutor LMS <2.0.10 - Cross Site Scripting 漏洞描述 WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The p...
2023年10月22日 07:07CVE-2023-42344: OpenCMS – XML external entity (XXE)
漏洞标题 CVE-2023-42344: OpenCMS - XML external entity (XXE) 漏洞描述 users can execute code without authentication. An attacker can execute malicious requests on the OpenCms serve...
2023年10月22日 00:58CVE-2023-2766: Weaver OA 9.5 – Information Disclosure
漏洞标题 CVE-2023-2766: Weaver OA 9.5 - Information Disclosure 漏洞描述 A vulnerability was found in Weaver OA 9.5 and classified as problematic. This issue affects some unknown pr...
2023年10月22日 00:52CVE-2023-2732: MStore API <= 3.9.2 - Authentication Bypass
漏洞标题 CVE-2023-2732: MStore API <= 3.9.2 - Authentication Bypass 漏洞描述 The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and in...
2023年10月22日 00:21CVE-2023-1880: Phpmyfaq v3.1.11 – Cross-Site Scripting
漏洞标题 CVE-2023-1880: Phpmyfaq v3.1.11 - Cross-Site Scripting 漏洞描述 Phpmyfaq v3.1.11 is vulnerable to reflected XSS in send2friend because the 'artlang' parameter is...
2023年10月22日 00:06CVE-2023-30943: Moodle – Cross-Site Scripting/Remote Code Execution
漏洞标题 CVE-2023-30943: Moodle - Cross-Site Scripting/Remote Code Execution 漏洞描述 The vulnerability was found Moodle which exists because the application allows a user to contr...
2023年10月21日 19:04CVE-2023-6909: Mlflow <2.9.2 - Path Traversal
漏洞标题 CVE-2023-6909: Mlflow <2.9.2 - Path Traversal 漏洞描述 Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. PoC代码
2023年10月21日 13:24CVE-2023-24657: phpIPAM – 1.6 – Cross-Site Scripting
漏洞标题 CVE-2023-24657: phpIPAM - 1.6 - Cross-Site Scripting 漏洞描述 phpIPAM 1.6 contains a cross-site scripting vulnerability via the closeClass parameter at /subnet-masks/popup...
2023年10月21日 01:50CVE-2023-3844: MooDating 1.2 – Cross-Site Scripting
漏洞标题 CVE-2023-3844: MooDating 1.2 - Cross-Site Scripting 漏洞描述 A vulnerability was found in mooSocial mooDating 1.2. It has been declared as problematic. Affected by this vu...
2023年10月20日 23:39CVE-2023-45375: PrestaShop PireosPay – SQL Injection
漏洞标题 CVE-2023-45375: PrestaShop PireosPay - SQL Injection 漏洞描述 In the module “PireosPay” (pireospay) up to version 1.7.9 from 01generator.com for PrestaShop, a guest can ...
2023年10月20日 17:34CVE-2023-3849: mooDating 1.2 – Cross-site scripting
漏洞标题 CVE-2023-3849: mooDating 1.2 - Cross-site scripting 漏洞描述 A vulnerability, which was classified as problematic, was found in mooSocial mooDating 1.2. Affected is an unk...
2023年10月20日 14:27CVE-2023-1318: osTicket < v1.16.6 - Cross-Site Scripting
漏洞标题 CVE-2023-1318: osTicket < v1.16.6 - Cross-Site Scripting 漏洞描述 Cross-site Scripting (XSS) - Generic in GitHub repository osticket/osticket prior to v1.16.6. PoC代码
2023年10月20日 11:48CVE-2023-25717: Ruckus Wireless Admin – Remote Code Execution
漏洞标题 CVE-2023-25717: Ruckus Wireless Admin - Remote Code Execution 漏洞描述 Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Requ...
2023年10月19日 11:28CVE-2023-5558: LearnPress < 4.2.5.5 - Cross-Site Scripting
漏洞标题 CVE-2023-5558: LearnPress < 4.2.5.5 - Cross-Site Scripting 漏洞描述 The LearnPress WordPress plugin before 4.2.5.5 does not sanitise and escape user input before output...
2023年10月19日 10:32CVE-2023-29919: SolarView Compact <= 6.00 - Local File Inclusion
漏洞标题 CVE-2023-29919: SolarView Compact <= 6.00 - Local File Inclusion 漏洞描述 There is an arbitrary read file vulnerability in SolarView Compact 6.00 and below, attackers c...
2023年10月19日 00:31CVE-2023-51449: Gradio Hugging Face – Local File Inclusion
漏洞标题 CVE-2023-51449: Gradio Hugging Face - Local File Inclusion 漏洞描述 Gradio LFI when auth is not enabled, affects versions 4.0 - 4.10, also works against Gradio < 3.33 P...
2023年10月18日 19:55
