Commit

Updated by Github Bot
Github-Bot committed Jun 25, 2024
1 parent 5ba8875 commit a9755d0
Showing 3 changed files with 91 additions and 81 deletions.
10 changes: 10 additions & 0 deletions cache/Tenable (Nessus).dat
Expand Up @@ -164,3 +164,13 @@ a1a20feca6978ef75b6ef6b750f0f352
e88b3fba55c466c08a51856bc524c897
430683c3155dbbeaae12f8a33cafbd59
f9241e09be7111c9a6846d83edda7001
f7f26f0469e715576f45de8a29b6295e
d48d24c986f96356ad78bd0a5a6c7eb7
42f05dcc2e702a2e7f11d150351518c2
7ff94efb013c15b4ea05cf52e52b4676
a434d75fa8e8054652906662e434bef7
060452eecce1f0be1651a50354201305
0baa12fba3948a5443695e17795722b0
1036a0de764e23666efda6a9d3697552
ba99b0f4230819e0657cf56ec5aeeded
016dd34dc0a915aa3185db6ed9430f37
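Review bot: the ten lines added to cache/Tenable (Nessus).dat are bare 32-hex-character identifiers with no CVE number or timestamp beside them, so the only way to verify what this hunk records is to cross-check each value against the row ids added to docs/index.html in the same commit (f7f26f0469e715576f45de8a29b6295e is the id of the CVE-2024-6303 row there, and the other nine match the remaining new rows in order). Consider writing the CVE id next to each hash in the cache, or stating the count and source in the commit message, so the cache hunk is reviewable on its own.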
Binary file modified data/cves.db
Binary file not shown.
162 changes: 81 additions & 81 deletions docs/index.html
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-06-25 09:22:16 -->
<!-- RELEASE TIME : 2024-06-25 18:28:20 -->
<html lang="zh-cn">

<head>
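Review bot: the RELEASE TIME comment carries a wall-clock value with no time zone, and the per-row timestamps in the table below (for example 2024-06-25 13:15:51) are on an unstated clock as well, so a reader cannot tell how stale the feed is relative to the render or whether the two are comparable at all. An ISO 8601 value with an explicit offset in the comment (and the same convention for the row timestamps) would remove the ambiguity.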
Expand Down Expand Up @@ -283,6 +283,86 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<th width="43%">TITLE</th>
<th width="5%">URL</th>
</tr>
<tr>
<td>f7f26f0469e715576f45de8a29b6295e</td>
<td>CVE-2024-6303</td>
<td>2024-06-25 13:15:51 <img src="imgs/new.gif" /></td>
<td>Missing authorization in Client-Server API in Conduit <=0.7.0, allowing for any alias to be removed and added to another room, which can be used for privilege escalation by moving the #admins alias to a room which they control, allowing them to run commands resetting passwords, siging json with the server's key, deactivating users, and more</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6303">详情</a></td>
</tr>

<tr>
<td>d48d24c986f96356ad78bd0a5a6c7eb7</td>
<td>CVE-2024-6302</td>
<td>2024-06-25 13:15:51 <img src="imgs/new.gif" /></td>
<td>Lack of privilege checking when processing a redaction in Conduit versions v0.6.0 and lower, allowing a local user to redact any message from users on the same server, given that they are able to send redaction events.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6302">详情</a></td>
</tr>

<tr>
<td>42f05dcc2e702a2e7f11d150351518c2</td>
<td>CVE-2024-6301</td>
<td>2024-06-25 13:15:51 <img src="imgs/new.gif" /></td>
<td>Lack of validation of origin in federation API in Conduit, allowing any remote server to impersonate any user from any server in most EDUs</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6301">详情</a></td>
</tr>

<tr>
<td>7ff94efb013c15b4ea05cf52e52b4676</td>
<td>CVE-2024-6300</td>
<td>2024-06-25 13:15:50 <img src="imgs/new.gif" /></td>
<td>Incomplete cleanup when performing redactions in Conduit, allowing an attacker to check whether certain strings were present in the PDU before redaction</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6300">详情</a></td>
</tr>

<tr>
<td>a434d75fa8e8054652906662e434bef7</td>
<td>CVE-2024-6299</td>
<td>2024-06-25 13:15:50 <img src="imgs/new.gif" /></td>
<td>Lack of consideration of key expiry when validating signatures in Conduit, allowing an attacker which has compromised an expired key to forge requests as the remote server, as well as PDUs with timestamps past the expiry date</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6299">详情</a></td>
</tr>

<tr>
<td>060452eecce1f0be1651a50354201305</td>
<td>CVE-2024-5261</td>
<td>2024-06-25 13:15:50 <img src="imgs/new.gif" /></td>
<td>Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to convert, view or otherwise interact with documents. LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers. In affected versions of LibreOffice, when used in LibreOfficeKit mode only, then curl's TLS certification verification was disabled (CURLOPT_SSL_VERIFYPEER of false) In the fixed versions curl operates in LibreOfficeKit mode the same as in standard mode with CURLOPT_SSL_VERIFYPEER of true. This issue affects LibreOffice before version 24.2.4.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-5261">详情</a></td>
</tr>

<tr>
<td>0baa12fba3948a5443695e17795722b0</td>
<td>CVE-2024-4846</td>
<td>2024-06-25 13:15:50 <img src="imgs/new.gif" /></td>
<td>Authentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an authenticated attacker to authenticate to another user without being asked for the 2FA via another browser tab.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4846">详情</a></td>
</tr>

<tr>
<td>1036a0de764e23666efda6a9d3697552</td>
<td>CVE-2024-31111</td>
<td>2024-06-25 13:15:49 <img src="imgs/new.gif" /></td>
<td>Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6, from 6.0 through 6.0.8, from 5.9 through 5.9.9.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-31111">详情</a></td>
</tr>

<tr>
<td>ba99b0f4230819e0657cf56ec5aeeded</td>
<td>CVE-2024-28832</td>
<td>2024-06-25 12:15:09 <img src="imgs/new.gif" /></td>
<td>Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows users with permission to change Global Settings to execute arbitrary scripts by injecting HTML elements into the Crash Report URL in the Global Settings.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28832">详情</a></td>
</tr>

<tr>
<td>016dd34dc0a915aa3185db6ed9430f37</td>
<td>CVE-2024-28831</td>
<td>2024-06-25 12:15:09 <img src="imgs/new.gif" /></td>
<td>Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that are shown in a confirmation pop-up.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-28831">详情</a></td>
</tr>

<tr>
<td>7de89a3de59e9801c17de151a145ea64</td>
<td>CVE-2024-5862</td>
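Review bot: the description text is inserted into the TITLE cells unescaped; the CVE-2024-6303 row contains a raw "Conduit <=0.7.0", and nothing in this hunk shows entity encoding of the feed text. HTML5 parsers treat "<" followed by "=" as character data, so this particular cell renders, but CVE descriptions are third-party input and a future one containing angle-bracketed markup would land in the page verbatim; escape the title field (at least <, >, & and quotes) at generation time so that "<=" becomes "&lt;=". Separately, every "详情" link uses target="_blank" without rel="noopener noreferrer"; adding it is the usual convention for external links and costs nothing.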
Expand Down Expand Up @@ -443,86 +523,6 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-38379">详情</a></td>
</tr>

<tr>
<td>8d17f6c81950916cea4fdb840d052457</td>
<td>CVE-2024-5596</td>
<td>2024-06-22 06:15:11</td>
<td>The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on multiple functions. This makes it possible for unauthenticated attackers to modify, or delete user meta and plugin options which can lead to limited privilege escalation.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-5596">详情</a></td>
</tr>

<tr>
<td>f9dc0b0fffa70be823f56c43293c49f2</td>
<td>CVE-2024-4940</td>
<td>2024-06-22 06:15:11</td>
<td>An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Side Request Forgery (SSRF), amongst others. This issue is due to improper validation of user-supplied input in the handling of URLs. Attackers can exploit this vulnerability by crafting a malicious URL that, when processed by the application, redirects the user to an attacker-controlled web page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4940">详情</a></td>
</tr>

<tr>
<td>0486c4b4134db714d2cf7ee3692cfd61</td>
<td>CVE-2024-3593</td>
<td>2024-06-22 06:15:09</td>
<td>The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenu_delete_all_item_settings and ubermenu_reset_settings functions. This makes it possible for unauthenticated attackers to delete and reset the plugin's settings via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-3593">详情</a></td>
</tr>

<tr>
<td>a309295956a7a0304dfa6cf8b6f305b0</td>
<td>CVE-2024-4874</td>
<td>2024-06-22 05:15:11</td>
<td>The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Contributor-level access and above, to modify posts and pages created by other users including admins. As a requirement for this, an admin would have to enable access to the editor specifically for such a user or enable it for all users with a certain user account type.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4874">详情</a></td>
</tr>

<tr>
<td>81a0081647a27f3a87c7ea90eb7743a3</td>
<td>CVE-2024-21519</td>
<td>2024-06-22 05:15:11</td>
<td>This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename (including the extension), within /system/storage/backup. **Note:** It is less likely for the created file to be available within the web root, as part of the security recommendations for the application suggest moving the storage path outside of the web root.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21519">详情</a></td>
</tr>

<tr>
<td>091d5684f4f57522c505b90f43717bc3</td>
<td>CVE-2024-21518</td>
<td>2024-06-22 05:15:11</td>
<td>This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An attacker can create arbitrary files in the web root of the application and overwrite other existing files by exploiting this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21518">详情</a></td>
</tr>

<tr>
<td>a6ce43c4562eed7823485da6ed31de6b</td>
<td>CVE-2024-21517</td>
<td>2024-06-22 05:15:11</td>
<td>This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the redirect parameter of customer account/login route. An attacker can inject arbitrary HTML and Javascript into the page response. As this vulnerability is present in the account functionality it could be used to target and attack customers of the OpenCart shop. **Notes:** 1) The fix for this vulnerability is incomplete</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-21517">详情</a></td>
</tr>

<tr>
<td>9f8095c263f4bb7d0ba89df189440032</td>
<td>CVE-2024-5059</td>
<td>2024-06-21 13:15:12</td>
<td>Exposure of Sensitive Information to an Unauthorized Actor vulnerability in A WP Life Event Management Tickets Booking.This issue affects Event Management Tickets Booking: from n/a through 1.4.0.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-5059">详情</a></td>
</tr>

<tr>
<td>8bff43cc385822f449f8141c9c6c3319</td>
<td>CVE-2024-35776</td>
<td>2024-06-21 13:15:12</td>
<td>Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exeebit phpinfo() WP.This issue affects phpinfo() WP: from n/a through 5.0.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35776">详情</a></td>
</tr>

<tr>
<td>9ed8b6cb7aed1868db726b8bb8f36e87</td>
<td>CVE-2024-35772</td>
<td>2024-06-21 13:15:12</td>
<td>Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects Hueman: from n/a through 3.7.24.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-35772">详情</a></td>
</tr>

</tbody>
</table>
</div>
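Review bot: the removed block is exactly ten rows (80 lines, dated 2024-06-21 and 2024-06-22), matching the ten rows added earlier in this file, which suggests the page keeps a fixed-size window rather than an age cutoff, but neither the commit message ("Updated by Github Bot") nor anything in the diff states the retention rule. Please record it in the commit message or in a comment in the generator so that a reviewer can confirm entries are dropped by count and that nothing is lost silently when more than ten new CVEs arrive in one run.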
