CVE-2023-34124
描述: The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks, allowing authentication bypass. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics:
CVE-2023-36846
描述: A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system
The Website Contact Form With File Upload plugin for WordPress is vulnerable to arbitrary file
链接: https://github.com/advisories/GHSA-vh36-c3hc-6876 CVSS 评分: 9.8 参考链接: https://nvd.nist.gov/vuln/detail/CVE-2015-10137 https://packetstormsecurity.com/files/131413 https://packetstormsecurity.com
The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file
链接: https://github.com/advisories/GHSA-jj57-5w64-pjmg CVSS 评分: 9.8 参考链接: https://nvd.nist.gov/vuln/detail/CVE-2012-10020 https://packetstormsecurity.com/files/113576 https://plugins.trac.wordpress.
parisneo/lollms Remote Code Execution Vulnerability
漏洞信息漏洞名称: parisneo/lollms Remote Code Execution Vulnerability 漏洞编号: CVE: CVE-2024-3121 漏洞类型: 命令执行 漏洞等级: 高危 漏洞描述: 该漏洞存在于parisneo/lollms的create_conda_env函数中,允许攻击者执行远程代码。lollms是一个用于机器学习的库,广泛应
Appsmith 权限提升漏洞
漏洞信息漏洞名称: Appsmith 权限提升漏洞 漏洞编号: CVE: CVE-2024-55963 漏洞类型: 权限提升 漏洞等级: 高危 漏洞描述: Appsmith是一个开源的、低代码平台,用于构建内部工具和应用程序,广泛应用于企业级服务中,支持快速开发和部署。该平台因其易用性和灵活性,在开发者社区中颇受欢迎。此次发现的漏洞存在于Appsmith的/api/v1&#