Skip to content

Commit

Permalink
Updated by Github Bot
Browse files Browse the repository at this point in the history
  • Loading branch information
Github-Bot committed Jul 4, 2024
1 parent 3824b81 commit e7b1dca
Show file tree
Hide file tree
Showing 4 changed files with 105 additions and 86 deletions.
15 changes: 15 additions & 0 deletions cache/Nsfocus.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,3 +173,18 @@ f1bb6f91fe982032614d7b20706997c0
c3a844b1306ebe28aa2b7bbeec40838f
a72be3522d0fef307c7080ea431c833b
375dd2a503b238e3dfb3fd9caedda6f8
72d285355e5aeba46c69b555aeffce2a
0aab5972ff1172b318d8d997faf9ea5a
ef33db2e3c05151f855828060ae66085
686e789cc3d08921f9977d8e22708dc4
f4485f9de9be0b6dd8e8175b82fea8fe
04b015dbeebd3d97c18b643d9bff216c
f48b0c44814a724c43d17b6629a5a9e8
990425bb30e009e2edee36ea5dda506e
88a89bc301a7fc9574f1575877b473bf
05dec0c8c1c544949f7f6e965d25b2ba
b0f1c6c11886b20d670a89f3c2fc1fc1
3838f2a9780c68320da276da28072387
272ab5cd751ec4cf16466e7c2d8ef1d8
8bd4ae41d32498bb5f36cc77aee710cd
29f04b5418ec88cb994a78e3d5523559
4 changes: 4 additions & 0 deletions cache/RedQueen.dat
View file
Original file line number Diff line number Diff line change
Expand Up @@ -150,3 +150,7 @@ fc283269ab7a764b43cef8107420830b
c790d644a78c6d64da55748b84c2f4ba
12ae7cd50e62ce911e7247b2380dc80a
a95ab72502d8206a3fc1db3e578f1592
c7e0c054351f524088af3afb4bab861e
e22b2879b6643fbd3aa90b813f018cb9
1dcbbf0220f71c3455814c607426f1e3
96f5e52f42c170f547f4037a8fc6490a
Binary file modified data/cves.db
View file
Binary file not shown.
172 changes: 86 additions & 86 deletions docs/index.html
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
<!-- RELEASE TIME : 2024-07-03 15:22:47 -->
<!-- RELEASE TIME : 2024-07-04 03:24:47 -->
<html lang="zh-cn">

<head>
Expand Down Expand Up @@ -366,79 +366,79 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
<tr>
<td>9b70227dbf1642174570fced1dda7334</td>
<td>CVE-2024-6440</td>
<td>2024-07-02 11:15:11 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:11</td>
<td>A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-270168.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6440">详情</a></td>
</tr>

<tr>
<td>939c826fc592e8398fca103bb8c71a99</td>
<td>CVE-2024-6439</td>
<td>2024-07-02 11:15:11 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:11</td>
<td>A vulnerability was found in SourceCodester Home Owners Collection Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Users.php?f=save. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270167.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6439">详情</a></td>
</tr>

<tr>
<td>9b673c171a5ae5f66f2dbff4ed048149</td>
<td>CVE-2024-6438</td>
<td>2024-07-02 11:15:11 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:11</td>
<td>A vulnerability has been found in Hitout Carsale 1.0 and classified as critical. This vulnerability affects unknown code of the file OrderController.java. The manipulation of the argument orderBy leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-270166 is the identifier assigned to this vulnerability.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6438">详情</a></td>
</tr>

<tr>
<td>9b05dea8e8558b5cedf0aa276962cbf0</td>
<td>CVE-2024-6264</td>
<td>2024-07-02 11:15:10 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:10</td>
<td>The Post Meta Data Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘$meta_key’ parameter in all versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6264">详情</a></td>
</tr>

<tr>
<td>6658648ff9198ec6d891b6a637c62123</td>
<td>CVE-2024-6099</td>
<td>2024-07-02 11:15:10 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:10</td>
<td>The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthenticated bypass to user registration in versions up to, and including, 4.2.6.8.1. This is due to missing checks in the 'check_validate_fields' function in the checkout. This makes it possible for unauthenticated attackers to register as the default role on the site, even if registration is disabled.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6099">详情</a></td>
</tr>

<tr>
<td>a5391a80592b737bd7731fa734f7193e</td>
<td>CVE-2024-6088</td>
<td>2024-07-02 11:15:10 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:10</td>
<td>The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized user registration due to a missing capability check on the 'register' function in all versions up to, and including, 4.2.6.8.1. This makes it possible for unauthenticated attackers to bypass disabled user registration to create a new account with the default role.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6088">详情</a></td>
</tr>

<tr>
<td>d92b3366a3521445bb7e53fcc0451a1b</td>
<td>CVE-2024-4268</td>
<td>2024-07-02 11:15:10 <img src="imgs/new.gif" /></td>
<td>2024-07-02 11:15:10</td>
<td>The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's blocks in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-4268">详情</a></td>
</tr>

<tr>
<td>5dac148e832cc8129bd25e8805a70571</td>
<td>CVE-2024-6012</td>
<td>2024-07-02 10:15:09 <img src="imgs/new.gif" /></td>
<td>2024-07-02 10:15:09</td>
<td>The Cost Calculator Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'embed-create-page' and 'embed-insert-pages' functions in all versions up to, and including, 3.2.12. This makes it possible for authenticated attackers, with Subscriber-level access and above, to create arbitrary posts and append arbitrary content to existing posts.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6012">详情</a></td>
</tr>

<tr>
<td>0c6d3931567571b09f0e78b05be5775f</td>
<td>CVE-2024-6011</td>
<td>2024-07-02 10:15:09 <img src="imgs/new.gif" /></td>
<td>2024-07-02 10:15:09</td>
<td>The Cost Calculator Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘textarea.description’ parameter in all versions up to, and including, 3.2.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-6011">详情</a></td>
</tr>

<tr>
<td>ad927e1c87132d3c28ea9e92e3582f46</td>
<td>CVE-2024-34601</td>
<td>2024-07-02 10:15:08 <img src="imgs/new.gif" /></td>
<td>2024-07-02 10:15:08</td>
<td>Improper verification of intent by broadcast receiver vulnerability in GalaxyStore prior to version 4.5.81.0 allows local attackers to launch unexported activities of GalaxyStore.</td>
<td><a target="_blank" href="https://www.tenable.com/cve/CVE-2024-34601">详情</a></td>
</tr>
Expand Down Expand Up @@ -2100,123 +2100,123 @@ <h2><a href="https://exp-blog.com" target="_blank">眈眈探求</a> | <a href="h
</tr>

<tr>
<td>8a73b8ddadbac06959f18b78b1b92a27</td>
<td></td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Shortcodes and extra features for Phlox theme存储型跨站脚本漏洞(CVE-2024</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97816">详情</a></td>
<td>72d285355e5aeba46c69b555aeffce2a</td>
<td>CVE-2024-3717</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Contact Form 7信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97942">详情</a></td>
</tr>

<tr>
<td>5b89cf9fa9f2b3bb72bac7e1df45d99b</td>
<td>CVE-2024-3473</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress Plugin Header Footer Code Manager Pro反射型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97815">详情</a></td>
<td>0aab5972ff1172b318d8d997faf9ea5a</td>
<td>CVE-2024-3724</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Happy Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97941">详情</a></td>
</tr>

<tr>
<td>bc1a29ca610c9c79e1036c3e72d8a38d</td>
<td>CVE-2024-3338</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Colibri Page Builder存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97814">详情</a></td>
<td>ef33db2e3c05151f855828060ae66085</td>
<td>CVE-2024-3725</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Otter Blocks存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97940">详情</a></td>
</tr>

<tr>
<td>017929cbb0237d0538db3bf2473757e1</td>
<td>CVE-2024-3340</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Colibri Page Builder存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97813">详情</a></td>
<td>686e789cc3d08921f9977d8e22708dc4</td>
<td>CVE-2024-3728</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Essential Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97939">详情</a></td>
</tr>

<tr>
<td>a992dd9b9d7befb25aba7b1dcdfd6e69</td>
<td>CVE-2024-3307</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin HT Mega存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97812">详情</a></td>
<td>f4485f9de9be0b6dd8e8175b82fea8fe</td>
<td>CVE-2024-3729</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Frontend Admin by DynamiApps安全异处理错误漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97938">详情</a></td>
</tr>

<tr>
<td>50ae534999f8ec806f3e2a44e5652813</td>
<td>CVE-2024-3308</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin HT Mega存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97811">详情</a></td>
<td>04b015dbeebd3d97c18b643d9bff216c</td>
<td>CVE-2024-3734</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin FOX未授权任意函数执行漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97937">详情</a></td>
</tr>

<tr>
<td>124f3d02778b21fca0a13f1dfef369b1</td>
<td>CVE-2024-3312</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Easy Custom Auto Excerpt信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97810">详情</a></td>
<td>f48b0c44814a724c43d17b6629a5a9e8</td>
<td>CVE-2024-3743</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Elementor Addon Elements存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97936">详情</a></td>
</tr>

<tr>
<td>a52da995e3d93c73a70e703a654daf2f</td>
<td>CVE-2024-3337</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Colibri Page Builder存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97809">详情</a></td>
<td>990425bb30e009e2edee36ea5dda506e</td>
<td>CVE-2024-3747</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress Plugin Blocksy存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97935">详情</a></td>
</tr>

<tr>
<td>8dfe9bcf1d4f4f64a82fa78f2fab67a2</td>
<td>CVE-2024-3233</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Ivory Search未授权数据修改漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97808">详情</a></td>
<td>88a89bc301a7fc9574f1575877b473bf</td>
<td>CVE-2024-3819</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Jeg Elementor Kit存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97934">详情</a></td>
</tr>

<tr>
<td>4288c18dd157a24de3bd84b9517bdd80</td>
<td>CVE-2024-3206</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Control Menu Visibility未授权访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97807">详情</a></td>
<td>05dec0c8c1c544949f7f6e965d25b2ba</td>
<td>CVE-2024-3849</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin HoliThemes本地文件包含漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97933">详情</a></td>
</tr>

<tr>
<td>c9b1dc7383fe1ad6719da60225a682ab</td>
<td>CVE-2024-3215</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Paid Memberships Pro跨站请求伪造漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97806">详情</a></td>
<td>b0f1c6c11886b20d670a89f3c2fc1fc1</td>
<td>CVE-2024-3870</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin CFDB7信息泄露漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97932">详情</a></td>
</tr>

<tr>
<td>62537ef845085c6edaf17b7aea5c5f84</td>
<td>CVE-2024-3161</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Jeg Elementor Kit存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97805">详情</a></td>
<td>3838f2a9780c68320da276da28072387</td>
<td>CVE-2024-3885</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Premium Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97931">详情</a></td>
</tr>

<tr>
<td>2ad27fdc40028cea862a12bc16a2b56a</td>
<td>CVE-2024-3197</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Plus Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97804">详情</a></td>
<td>272ab5cd751ec4cf16466e7c2d8ef1d8</td>
<td>CVE-2024-3891</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Happy Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97930">详情</a></td>
</tr>

<tr>
<td>624eddaf75d04f3d2ce8179bcbf14f2f</td>
<td>CVE-2024-3199</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Plus Addons for Elementor存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97803">详情</a></td>
<td>8bd4ae41d32498bb5f36cc77aee710cd</td>
<td>CVE-2024-3895</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin WP Datepicker未授权数据修改漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97929">详情</a></td>
</tr>

<tr>
<td>abd48f5115d2618ecd598282aab0e997</td>
<td>CVE-2024-3074</td>
<td>2024-07-02 09:20:25 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Elementor ImageBox存储型跨站脚本漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97802">详情</a></td>
<td>29f04b5418ec88cb994a78e3d5523559</td>
<td>CVE-2024-3897</td>
<td>2024-07-03 03:22:41 <img src="imgs/new.gif" /></td>
<td>WordPress plugin Popup Box未授权数据访问漏洞</td>
<td><a target="_blank" href="http://www.nsfocus.net/vulndb/97928">详情</a></td>
</tr>

</tbody>
Expand Down

0 comments on commit e7b1dca

Please sign in to comment.